"Hiemstra, Brenno" wrote: > Basically test from the network several services, port scan > etc etc and see what the result is and what you configured > in your PIX rulebase. > > Basically you should only see services or ports that are > allowed and the rest are closed. If you see strange ports > and all then you must look at your FW rulebase and see > if there is an error there.
Yes, and perhaps in addition to scanning a node past the firewall, also scan the firewall itself. Some firewalls have ports open for various management/proxy/security functions so you want to make sure you have open only what you need & know about on the firewall itself. Sometimes they are not covered by the policy, sometimes they are. Regards, Chris. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
