[Dshield] Firewall newbie

Troy Billington DoShelp at DoShelp.com
Thu Dec 18 16:49:40 GMT 2003

Hi Guy,

One thing I can contribute is a most recent and SERIOUS vulnerability found
in Cisco Pix firewalls See:
http://www.cisco.com/warp/public/707/cisco-sa-20031215-fwsm.shtml .

-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org]On
Behalf Of Guy Barnum
Sent: Thursday, December 18, 2003 11:39 AM
To: General DShield Discussion List
Subject: [Dshield] Firewall newbie

I've installed a CISCO PIX 501 firewall appliance on my company's broadband
internet feed and have a few questions for the experts on the list; thank
you by the way to everyone who responded to my earlier request for advice
and information on firewall choices.

The configuration options available on the PIX are overwhelming while the
documentation provided by Cisco is quite underwhelming, rather non-existent.

I am looking for basic security configuration necessities. What logging
options, filtering, security levels, etc. should I have configured?  Are
there good online walk through for PIX configuration that you know of?  Is
there a good manual you can recommend?

What do I need to setup, install or configure to contribute my logs to the
dshield site?

Any information or recommended resources are welcome.

I already see a lot of activity on the firewall's internal and external
interface with only one test laptop connected to the PIX and no browser,
telnet or any other programs running.  With no manual or reference material
provided with the PIX I have no way of knowing if this is normal or if my
system is compromised already, really trying not to be paranoid.

For the basic questions anyone may have; I changed the default pix host name
and domain name, I set a password for PIX configuration access, VPN is not
enabled until I learn a lot more about it, auto update is not enabled, the
inside interface security level is 100, the outside interface security level
is 0, and PAT is being used rather than NAT.


list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list