I have developed an interest in figuring out how a Cisco PIX firewall works at the hardware and OS level. Certain models of it are based on the Intel SE440BX motherboard, but right after POST, it begins booting off of an proprietary ISA flashcard with its own BIOS. Aside from that card, it's all off-the-shelf Intel PC hardware. What utilities are out there to help me sort out what's going on? I have an EE degree, but I'm rusty and just need a jump-start to get on my way.
Any ideas?
Thanks
Brain
Useful resources for deciphering a Cisco PIX
-
maman
- Master Flasher
- Posts: 173
- Joined: Sun Mar 31, 2002 2:08 pm
- Location: Taka Bonerate National Park, Indonesia
- Contact:
i've been starting to working on such a thing since last year, but unable to continue since I'm waaay tooo busy. For starter, you can use IDA Pro to analyze the binary, free version of IDA Pro disassembler available at :
http://www.dirfile.com/ida_pro_freeware_version.htm
then I've found that the code in the PIX is a.out executable compiled using C language along with its debugging symbols. I wonder what the heck those Cisco engineers were thinking about when they build the binary
. IIRC, the entry point of the PIX binary switches the machine to protected mode (i.e. flat 32-bit protected-mode) and jumps into the a.out binary right away to start executing the C-Compiled binary.
Goodluck, and I hope you'll be kind enough to supply us with your results. Hints will be enough though.
cheers
a.k.a Pinczakko
http://www.dirfile.com/ida_pro_freeware_version.htm
then I've found that the code in the PIX is a.out executable compiled using C language along with its debugging symbols. I wonder what the heck those Cisco engineers were thinking about when they build the binary
. IIRC, the entry point of the PIX binary switches the machine to protected mode (i.e. flat 32-bit protected-mode) and jumps into the a.out binary right away to start executing the C-Compiled binary.Goodluck, and I hope you'll be kind enough to supply us with your results. Hints will be enough though.
cheers
a.k.a Pinczakko
Maman-
I have been looking at your site, and the section on putting an OS on a PCI card is very interesting. Do the principles described therein have direct analogs in the ISA realm? Does it work about the same? If so, that is a great way to get a handle on what occurs when the PIX boots off of the ISA flash card.
Brian
I have been looking at your site, and the section on putting an OS on a PCI card is very interesting. Do the principles described therein have direct analogs in the ISA realm? Does it work about the same? If so, that is a great way to get a handle on what occurs when the PIX boots off of the ISA flash card.
Brian
-
maman
- Master Flasher
- Posts: 173
- Joined: Sun Mar 31, 2002 2:08 pm
- Location: Taka Bonerate National Park, Indonesia
- Contact:
ThanksMRFICHE wrote:Maman-
I have been looking at your site, and the section on putting an OS on a PCI card is very interesting.
not really, ISA doesn't have a "programmable" address space as PCI did. But, I think that the BEV or BCV works the same. Have you read this. That article has an indepth explanation on the BEV/BCV issue.MRFICHE wrote: Do the principles described therein have direct analogs in the ISA realm? Does it work about the same?
