[quote Cisco]Java applets may be downloaded when you permit access to port 80 (HTTP), and some Java applets can contain hidden code that can destroy data on the internal network. A solution to this problem is to use the filter java command to block all Java applets.[/quote]
The command to Filter Java is the following syntax:
To completely block all JAVA access on port 80, use the following command:
filter java 80 0 0 0 0
[quote Cisco]ActiveX controls, formerly known as Object Linking and Embedding (OLE) or Object Linking and Embedding control (OCX), are applets that can be inserted in web pagesùoften used in animationsùor in other applications. ActiveX controls create a potential security problem because they can provide a way for someone to attack servers. Because of this potential security problem, you can use the PIX Firewall to block all ActiveX controls.[/quote]
The command to Filter ActiveX is the following syntax:
filter activex port local_ip mask foreign_ip mask
To completely block all ActiveX access on port 80, use the following command:
filter activex 80 0 0 0 0
I hope this FAQ has been helpful to you.
Lloyd Severence
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.