I've seen one of the risks already.
I did an install just over a week ago, and unfortunately let the customer
know about the PDM GUI. I've had three maintenance calls so far, all of them
turned out to be config changes made by PDM.
One of the configs was hardly recognisable. I think there may be a button
which reads "Install a random config".
The GUI seems good and at least it is https and (hopefully) only accessible
from the inside interface. The problem seems to be the ease of access it
gives to people who would normally be scared off by a Pix CLI config.
I've not seen any security bulletins yet, but I would be surprised if they
don't start arriving within the coming months.
:-)
Gareth
""Brian Wilkins"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I was wondering if anyone has formed any opinions yet as to the security
of
> the new ver 6 of the PIX IOS using the HTTP interface. As I'm sure most
> folks know, there were some exploits with the HTML interface on Cisco's
> routers and switches, so I choose not to run those. But, since PIX
> configuration is such a different animal, is it worth enabling the GUI ??
> Anybody seen any risks??
>
> All help is always appreciated.
>
> Brian Wilkins
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20847&t=20842
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
