• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 559
  • Last Modified:

how to monitor incoming traffic through a certain port cisco pix 506e

is there a way to monitor what ports ppl from the outside world are trying to access from the cisco pix 506e?

michael
0
myfootsmells
Asked:
myfootsmells
  • 3
  • 2
1 Solution
 
lrmooreCommented:
All of them. Somebody, somewhere is always scanning your outside interface trying every port.
If you want to be flooded with information, just start logging everything that gets denied by turning on ip audit.
 ip audit attack action alarm  <== send syslog message
 ip audit info action alarm
 ip audit interface outside

sho ip audit interface outside
0
 
myfootsmellsAuthor Commented:
mmm -- i already have my syslog server setup, do i need to tell the pix which syslog server to use with the above commands or will it just take the current ones?

what does sho do?
0
 
rsivanandanCommented:
logging on
logging host

Use these commands and give the ip address in the second command to enable logging onto a syslog client. Get Kiwi Syslog (free) if you don't have one.

Cheers,
Rajesh
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
lrmooreCommented:
sho = shortcut for show
0
 
myfootsmellsAuthor Commented:
the ip audit interface outside is an invalid command.  i tried ip audit interface outbound which is the name of my interface still no good.
0
 
lrmooreCommented:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/gl.htm#wp1101884

ip audit interface if_name audit_name

ip audit interface outside info
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now