Solved

how to monitor incoming traffic through a certain port cisco pix 506e

Posted on 2006-11-03
7
536 Views
Last Modified: 2013-11-16
is there a way to monitor what ports ppl from the outside world are trying to access from the cisco pix 506e?

michael
0
Comment
Question by:myfootsmells
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 17869887
All of them. Somebody, somewhere is always scanning your outside interface trying every port.
If you want to be flooded with information, just start logging everything that gets denied by turning on ip audit.
 ip audit attack action alarm  <== send syslog message
 ip audit info action alarm
 ip audit interface outside

sho ip audit interface outside
0
 
LVL 5

Author Comment

by:myfootsmells
ID: 17870562
mmm -- i already have my syslog server setup, do i need to tell the pix which syslog server to use with the above commands or will it just take the current ones?

what does sho do?
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17872364
logging on
logging host

Use these commands and give the ip address in the second command to enable logging onto a syslog client. Get Kiwi Syslog (free) if you don't have one.

Cheers,
Rajesh
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 79

Expert Comment

by:lrmoore
ID: 17873171
sho = shortcut for show
0
 
LVL 5

Author Comment

by:myfootsmells
ID: 18042105
the ip audit interface outside is an invalid command.  i tried ip audit interface outbound which is the name of my interface still no good.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 18043139
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/gl.htm#wp1101884

ip audit interface if_name audit_name

ip audit interface outside info
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question