Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: pix and transparent proxy

from [Meidinger Chris] Network Security [Permanent Link]
Subject: RE: pix and transparent proxy
Date: Mon, 3 Apr 2006 12:21:22 +0200 
Hi Andrew,

as far as I can tell, you're right. That config has nothing to do with
transparent caching.

Also it's for an ASA and not a PIX :(

Imran: I know of no way that you can use a 501 for transparent caching.
It's got 16 megs of ram, about 11-12 of which is taken when it's on
load. Where should the cached files be stored??

If you are thinking of a setup like:

Client
  |
  |
  |
PIX---Proxy Server
  |
  |
  |
Internet

Where web requests are sent transparently to the proxy server, you can't
do it on a 501. The PIX v. 6.x will *not* turn a packet around on one
interface and route it back out. With only two interfaces on a 501 (one
of which is the 4-port switch) you are out of luck on that one.

Cheers,

Chris 


-----Original Message-----
From: Andrew Shore [mailto:andrew.shore@holistic.it] 
Sent: Friday, March 31, 2006 4:51 PM
To: A@B.COM; firewalls@securityfocus.com
Subject: RE: pix and transparent proxy

This just enables the web interface for all internal users. Whats this
got to do with transpatent proxy? Or have I missed part of 
this thread!

-----Original Message-----
From: A@B.COM [mailto:A@B.COM] 
Sent: 25 March 2006 17:32
To: firewalls@securityfocus.com
Subject: Re: pix and transparent proxy

READ THE MANUAL... :-)
interface Ethernet1 
      nameif inside 
      security-level 100 
      ip address 192.168.1.1 255.255.255.0 
http server enable 
http 0.0.0.0 0.0.0.0 inside
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: NAT and bypass NAT for IPSEC, Ercan Elibol
Next by Date:  RE: pix and transparent proxy, Andrew Shore
Previous by Thread:  Re: NAT and bypass NAT for IPSEC, Ercan Elibol
Next by Thread:  Re: pix and transparent proxy, Imran Imtiaz
Indexes:  [Date] [Thread] [Top] [All Lists]