[c-nsp] Telnet FROM a PIX Appliance?
Tony Varriale
tvarriale at comcast.net
Fri Jul 4 00:50:13 EDT 2008
Holy crap. Did you say Windows?
tv
----- Original Message -----
From: "Ted Mittelstaedt" <tedm at toybox.placo.com>
To: "Ziv Leyes" <zivl at gilat.net>; "Joerg Mayer" <jmayer at loplof.de>; "Aaron
R" <aaronis at people.net.au>
Cc: <cisco-nsp at puck.nether.net>
Sent: Thursday, July 03, 2008 10:21 PM
Subject: Re: [c-nsp] Telnet FROM a PIX Appliance?
>
> Rubbish.
>
> The reason the PIX doesen't allow Telnet is that the original
> PIX devices were built on a Windows core, Windows 3.1 as I
> believe, with the GUI and most of the command line utilities
> stripped away. Because the PIX was an early out-of-the-hole
> firewall, it captured a customer base of customers who needed
> a firewall but frankly didn't understand much about what they
> needed. ie: dumb bunnies in cash-rich organizations willing
> to buy sub-par technology that was hyped up to rediculous
> amounts. It's an old story in technology.
>
> This was a very valuable customer base which is why Cisco
> purchased the PIX product line. Cisco had little interest
> in the lame firewalling technology of the PIX and has
> spent at least a decade of careful work grooming the PIX
> customers off PIXes and on to Cisco router platforms. To
> accomplish this they were -extraordinairly- careful to
> preserve the PIX interface and limitations over the years.
> But as anyone who works with PIXes knows, Cisco has really
> not improved the basic technology of the PIX over the years.
>
> That is why the current Cisco IOS-based firewalls have
> a firewalling feature set that knocks a PIX into a cocked
> hat.
>
> It is also why Cisco has finally felt comfortable enough
> that they have migrated the PIX customers worth keeping
> over to their own product line, to announce that they were
> discontinuing the PIX product line. As they did recently.
>
> Ted
>
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net
>> [mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Ziv Leyes
>> Sent: Monday, June 30, 2008 5:31 AM
>> To: Joerg Mayer; Aaron R
>> Cc: cisco-nsp at puck.nether.net
>> Subject: Re: [c-nsp] Telnet FROM a PIX Appliance?
>>
>>
>> I guess it's more as a "working right" educational purpose, so
>> you won't use your firewall as a debugging client.
>> In newer versions there's the packet tracker that can help you
>> debug connectivity problems.
>> Ziv
>>
>>
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net
>> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Joerg Mayer
>> Sent: Monday, June 30, 2008 2:21 PM
>> To: Aaron R
>> Cc: cisco-nsp at puck.nether.net
>> Subject: Re: [c-nsp] Telnet FROM a PIX Appliance?
>>
>> On Mon, Jun 30, 2008 at 06:30:59PM +0800, Aaron R wrote:
>> > It is disabled as a security feature. I have also wanted to do
>> the same for
>> > troubleshooting purposes.
>>
>> And why exactly is this a security feature? What is the *gain* in
>> security?
>>
>> Ciao
>> Joerg
>> --
>> Joerg Mayer <jmayer at loplof.de>
>> We are stuck with technology when what we really want is just stuff that
>> works. Some say that should read Microsoft instead of technology.
>>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>>
>>
>>
>>
>> ******************************************************************
>> ******************
>> This footnote confirms that this email message has been scanned by
>> PineApp Mail-SeCure for the presence of malicious code, vandals &
>> computer viruses.
>> ******************************************************************
>> ******************
>>
>>
>>
>>
>>
>>
>>
>>
>> ******************************************************************
>> ******************
>> This footnote confirms that this email message has been scanned by
>> PineApp Mail-SeCure for the presence of malicious code, vandals &
>> computer viruses.
>> ******************************************************************
>> ******************
>>
>>
>>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list