[Dshield] Firewall newbie
GuyBarnum at Armscole.com
Thu Dec 18 16:39:26 GMT 2003
I've installed a CISCO PIX 501 firewall appliance on my company's broadband internet feed and have a few questions for the experts on the list; thank you by the way to everyone who responded to my earlier request for advice and information on firewall choices.
The configuration options available on the PIX are overwhelming while the documentation provided by Cisco is quite underwhelming, rather non-existent.
I am looking for basic security configuration necessities. What logging options, filtering, security levels, etc. should I have configured? Are there good online walk through for PIX configuration that you know of? Is there a good manual you can recommend?
What do I need to setup, install or configure to contribute my logs to the dshield site?
Any information or recommended resources are welcome.
I already see a lot of activity on the firewall's internal and external interface with only one test laptop connected to the PIX and no browser, telnet or any other programs running. With no manual or reference material provided with the PIX I have no way of knowing if this is normal or if my system is compromised already, really trying not to be paranoid.
For the basic questions anyone may have; I changed the default pix host name and domain name, I set a password for PIX configuration access, VPN is not enabled until I learn a lot more about it, auto update is not enabled, the inside interface security level is 100, the outside interface security level is 0, and PAT is being used rather than NAT.
More information about the list