Solved

how to monitor incoming traffic through a certain port cisco pix 506e

Posted on 2006-11-03
7
541 Views
Last Modified: 2013-11-16
is there a way to monitor what ports ppl from the outside world are trying to access from the cisco pix 506e?

michael
0
Comment
Question by:myfootsmells
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 17869887
All of them. Somebody, somewhere is always scanning your outside interface trying every port.
If you want to be flooded with information, just start logging everything that gets denied by turning on ip audit.
 ip audit attack action alarm  <== send syslog message
 ip audit info action alarm
 ip audit interface outside

sho ip audit interface outside
0
 
LVL 5

Author Comment

by:myfootsmells
ID: 17870562
mmm -- i already have my syslog server setup, do i need to tell the pix which syslog server to use with the above commands or will it just take the current ones?

what does sho do?
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17872364
logging on
logging host

Use these commands and give the ip address in the second command to enable logging onto a syslog client. Get Kiwi Syslog (free) if you don't have one.

Cheers,
Rajesh
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 79

Expert Comment

by:lrmoore
ID: 17873171
sho = shortcut for show
0
 
LVL 5

Author Comment

by:myfootsmells
ID: 18042105
the ip audit interface outside is an invalid command.  i tried ip audit interface outbound which is the name of my interface still no good.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 18043139
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/gl.htm#wp1101884

ip audit interface if_name audit_name

ip audit interface outside info
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question