[Dshield] Firewall newbie

Chuck Lewis clewis at iquest.net
Thu Dec 18 19:18:06 GMT 2003


We just had one installed here for VPN, and here is some of what show version
shows as to how we are configured (not sure it is of any help or not):

Licensed Features:
Failover:       Disabled
VPN-DES:        Enabled
VPN-3DES:       Disabled
Maximum Interfaces:     2
Cut-through Proxy:      Enabled
Guards:         Enabled
Websense:       Enabled
Inside Hosts:   Unlimited
Throughput:     Limited
ISAKMP peers:   Unlimited


-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Guy Barnum
Sent: Thursday, December 18, 2003 11:39 AM
To: General DShield Discussion List
Subject: [Dshield] Firewall newbie

I've installed a CISCO PIX 501 firewall appliance on my company's broadband
internet feed and have a few questions for the experts on the list; thank
you by the way to everyone who responded to my earlier request for advice
and information on firewall choices.

The configuration options available on the PIX are overwhelming while the
documentation provided by Cisco is quite underwhelming, rather non-existent.

I am looking for basic security configuration necessities. What logging
options, filtering, security levels, etc. should I have configured?  Are
there good online walk-throughs for PIX configuration that you know of?  Is
there a good manual you can recommend?

What do I need to set up, install or configure to contribute my logs to the
dshield site?

Any information or recommended resources are welcome.

I already see a lot of activity on the firewall's internal and external
interface with only one test laptop connected to the PIX and no browser,
telnet or any other programs running.  With no manual or reference material
provided with the PIX I have no way of knowing if this is normal or if my
system is compromised already, really trying not to be paranoid.

For the basic questions anyone may have; I changed the default PIX host name
and domain name, I set a password for PIX configuration access, VPN is not
enabled until I learn a lot more about it, auto update is not enabled, the
inside interface security level is 100, the outside interface security level
is 0, and PAT is being used rather than NAT.
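As an added illustration (not from either poster), here is what the baseline described above looks like as a PIX OS 6.x configuration fragment, with the syslog export that answers the logging question; the hostname, domain, addresses and password placeholders are constructed, and the command syntax assumes PIX 6.x:

```cisco
! Added example, not from the thread. Assumes PIX OS 6.x syntax;
! hostname, domain name and IP addresses below are constructed.
hostname pixfw
domain-name example.net
! Login (telnet/console) and privileged-mode passwords; set real
! values at the console, never leave the factory defaults.
passwd <CHANGE-ME>
enable password <CHANGE-ME>
! Security levels: inside 100, outside 0. Traffic from a lower to a
! higher level is denied unless an access-list or conduit permits it.
nameif ethernet0 outside security0
nameif ethernet1 inside security100
ip address outside dhcp
ip address inside 192.168.1.1 255.255.255.0
! PAT rather than NAT: all inside hosts share the outside address.
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
! Logging: timestamped syslog at informational level to an inside host.
! The denied-connection messages collected there are what you review
! to judge whether the "activity" seen on the interfaces is normal
! background scanning, and they are the raw material for a DShield
! log submission.
logging on
logging timestamp
logging trap informational
logging host inside 192.168.1.10
! Keep a small in-memory buffer too, viewable with "show logging".
logging buffered warnings
```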

