What!? The original PIX code was < 500k as the first versions from
Network Translations only had 512k flash moodules in them. There is no
way that it was based on Windows, not even 3.1. I think you are
thinking of the Centri (or whatever it was called) that was windows
based that they bought many years ago. I actually worked at Cisco when
they bought the PIX and the Centri and then they killed the Centri
shortly thereafter. I think the Centri ran on Windows 95, but I am not
100% sure as that was 10+ years ago.
IMO, the reason that so many people use(d) the PIX is that they just
work. You set it up and forget it for two years. You rarely even need
to update the software on it as there are so few bugs that are show
stoppers. Now, the ASA is a different story. There is a lot more stuff
in it and hence a lot more bugs.
Ted Mittelstaedt wrote:
Rubbish.
The reason the PIX doesen't allow Telnet is that the original
PIX devices were built on a Windows core, Windows 3.1 as I
believe, with the GUI and most of the command line utilities
stripped away. Because the PIX was an early out-of-the-hole
firewall, it captured a customer base of customers who needed
a firewall but frankly didn't understand much about what they
needed. ie: dumb bunnies in cash-rich organizations willing
to buy sub-par technology that was hyped up to rediculous
amounts. It's an old story in technology.
This was a very valuable customer base which is why Cisco
purchased the PIX product line. Cisco had little interest
in the lame firewalling technology of the PIX and has
spent at least a decade of careful work grooming the PIX
customers off PIXes and on to Cisco router platforms. To
accomplish this they were -extraordinairly- careful to
preserve the PIX interface and limitations over the years.
But as anyone who works with PIXes knows, Cisco has really
not improved the basic technology of the PIX over the years.
That is why the current Cisco IOS-based firewalls have
a firewalling feature set that knocks a PIX into a cocked
hat.
It is also why Cisco has finally felt comfortable enough
that they have migrated the PIX customers worth keeping
over to their own product line, to announce that they were
discontinuing the PIX product line. As they did recently.
Ted
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ziv Leyes
Sent: Monday, June 30, 2008 5:31 AM
To: Joerg Mayer; Aaron R
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Telnet FROM a PIX Appliance?
I guess it's more as a "working right" educational purpose, so
you won't use your firewall as a debugging client.
In newer versions there's the packet tracker that can help you
debug connectivity problems.
Ziv
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Joerg Mayer
Sent: Monday, June 30, 2008 2:21 PM
To: Aaron R
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Telnet FROM a PIX Appliance?
On Mon, Jun 30, 2008 at 06:30:59PM +0800, Aaron R wrote:
It is disabled as a security feature. I have also wanted to do
the same for
troubleshooting purposes.
And why exactly is this a security feature? What is the *gain* in
security?
Ciao
Joerg
--
Joerg Mayer <[EMAIL PROTECTED]>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
******************************************************************
******************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals &
computer viruses.
******************************************************************
******************
******************************************************************
******************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals &
computer viruses.
******************************************************************
******************
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
