Firewall Wizards mailing list archives

RE: cisco pix does not log traffic targetted to itself?

From: Gwendolynn ferch Elydyr <gwen () reptiles org>
Date: Mon, 6 Jan 2003 13:56:31 -0500 (EST)

On Mon, 6 Jan 2003, Noonan, Wesley wrote:

As for the latter though, yes it deny's all by default (no need to insert
the rule).


Although IMHO it's good practice to explicitly state your deny all rule.  It
improves clarity overall, which is never a bad thing.

cheers!

-----Original Message-----
From: Toh Kar Lai Catherine [mailto:kltoh () ncs com sg]
Sent: Monday, January 06, 2003 03:53
To: 'firewall-wizards () honor icsalabs com'
Subject: [fw-wiz] cisco pix does not log traffic targetted to itself?

My cisco pix firewall is logging denied traffic normally. However when I
tried using a scanner to scan the cisco pix firewall itself, a few open
ports were discovered but no traffic of the scan was captured in the log.
In
other words, the firewall didn't log my scan activity. What can I do to to
ensure that any activity targetted to my firewall is logged?

Also is it true that the cisco pix firewall deny all traffics that is not
permitted in the rule-base BY DEFAULT? Is there a need to insert a last
rule
that deny any to any?

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

cisco pix does not log traffic targetted to itself? Toh Kar Lai Catherine (Jan 06)
- <Possible follow-ups>
- RE: cisco pix does not log traffic targetted to itself? Noonan, Wesley (Jan 06)
  - RE: cisco pix does not log traffic targetted to itself? Gwendolynn ferch Elydyr (Jan 06)
- Fw: cisco pix does not log traffic targetted to itself? Jose y Romy (Jan 06)
  - Re: Fw: cisco pix does not log traffic targetted to itself? Kevin Steves (Jan 11)
- RE: cisco pix does not log traffic targetted to itself? Toh Kar Lai Catherine (Jan 07)
- RE: cisco pix does not log traffic targetted to itself? Jose y Romy (Jan 12)
- Re: Fw: cisco pix does not log traffic targetted to itself? Mark . Boltz (Jan 12)
  - Re: Fw: cisco pix does not log traffic targetted to itself? Kevin Steves (Jan 14)