RE: Cisco PIX open ports on outside interface?

["Smith, Gary (SCOTAM)" <gary.smith () ScottishAmicable co uk>]

Fabio:

We do not have any web accelerator products installed.  We have a proxy on
the inside, a pix, and then a router on the outside, and that's it. I have
tried to find out whether the PIX holds some sort of internal web caching
but I can't find anything documented anywhere.

--Gary;

-----Original Message-----
From: Fabio Pietrosanti (naif) [mailto:fabio () telemail it]
Sent: Saturday, December 09, 2000 4:18 AM
To: Smith, Gary (SCOTAM)
Cc: 'firewall-wizards () nfr com'
Subject: Re: [fw-wiz] Cisco PIX open ports on outside interface?


depot/prod/ontap? isn't this network appliance, file server, or web
accellerator?

naif

On Tue, 5 Dec 2000, Smith, Gary (SCOTAM) wrote:

> All:
>
> I have an acl on the outside interface of a pix that allows:
>
> 80 & 443 to a web server on the DMZ
> 25 to a mail server on the DMZ
>
> and then has an explicit deny ip any any rule.
>
> When a security company ran a strobe against the outside interface they
> claim that both Telnet and Cisco Secure Telnet were open on the outside
> interface (although they couldn't connect) and I have also verified that
> port 80 is open with the following returned after a get /
>
> <!-- $ID: //depot/prod/ontap/Rbrutus/prod/netcache/errors/500.html#1 $ -->
>
> I couldn't verify the telnet ports were open (though I don't know what
they
> used to test, I used netcat), we do have remote administration enabled but
I
> remember reading somewhere that this was only on the inside interface
> (though this might be version 4.x.x documentation).
>
> Should any ports be open on the outside interface by default?  Where is
this
> documented?
>
> Any and all help gratefully received.
>
> --Gary;
>
>
>
>
> **********************************************************************
> Information contained herein is the sole responsibility of the Individual
> sending the message. No responsibility is admitted by Scottish Amicable
> for any loss or damage incurred through use of the email. In addition, no
> statement should be construed as giving investment advice within or
> outside the United Kingdom.
> An email reply to this address may be subject to interception or
monitoring
> for operational reasons or for lawful business practices.
> *********************************************************************
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () nfr com
> http://www.nfr.com/mailman/listinfo/firewall-wizards


**********************************************************************
Information contained herein is the sole responsibility of the Individual
sending the message. No responsibility is admitted by Scottish Amicable
for any loss or damage incurred through use of the email. In addition, no 
statement should be construed as giving investment advice within or
outside the United Kingdom.
An email reply to this address may be subject to interception or monitoring 
for operational reasons or for lawful business practices.
*********************************************************************

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards