https://community.cisco.com/t5/network-security/help/m-p/1049339#M896661 <HTML><HEAD></HEAD><BODY><P>I blocked the address from any inside hosts as well. </P><P></P><P>Does anyone have any suggestion/idea how to prevent this from happening? Is any product or script that we can implement to automatically block the IP for both ASA and PIX?</P><P></P><P>thanks,</P></BODY></HTML> Wed, 10 Sep 2008 19:36:48 GMT gpan667788 2008-09-10T19:36:48Z https://community.cisco.com/t5/network-security/help/m-p/1049337#M896652 <P>Hello all,</P><P></P><P>I have two PIX-515 with ver 6.3(4) failover to each one. My monitoring tool tells us a hacker from China is hacking our SQL database. I blocked the hacker's IP address on the outside interface of PIX and clear the session. After that, I don't see it by issuing "sh conn | i x.x.x.x". But my monitoring tool still tells us the hacker still in our network. Can anyone help me to find out how to block/stop the hacker?</P><P></P><P>thanks,</P><P>Gene</P> Mon, 11 Mar 2019 13:41:56 GMT https://community.cisco.com/t5/network-security/help/m-p/1049337#M896652 gpan667788 2019-03-11T13:41:56Z https://community.cisco.com/t5/network-security/help/m-p/1049338#M896657 <HTML><HEAD></HEAD><BODY><P>somtimes the hackers install a spy or hosting sofware in PC in the private lan so the connection will be established from the inside to outside then the firewall wall will not block it</P><P></P><P>scan ur LAN as well</P></BODY></HTML> Wed, 10 Sep 2008 06:17:19 GMT https://community.cisco.com/t5/network-security/help/m-p/1049338#M896657 Marwan ALshawi 2008-09-10T06:17:19Z https://community.cisco.com/t5/network-security/help/m-p/1049339#M896661 <HTML><HEAD></HEAD><BODY><P>I blocked the address from any inside hosts as well. </P><P></P><P>Does anyone have any suggestion/idea how to prevent this from happening? Is any product or script that we can implement to automatically block the IP for both ASA and PIX?</P><P></P><P>thanks,</P></BODY></HTML> Wed, 10 Sep 2008 19:36:48 GMT https://community.cisco.com/t5/network-security/help/m-p/1049339#M896661 gpan667788 2008-09-10T19:36:48Z https://community.cisco.com/t5/network-security/help/m-p/1049340#M896663 <HTML><HEAD></HEAD><BODY><P>Have you tried routing the offending address to Null your routers and seeing if the monitoring tool still picks it up?</P></BODY></HTML> Tue, 16 Sep 2008 14:36:45 GMT https://community.cisco.com/t5/network-security/help/m-p/1049340#M896663 Mel Popple 2008-09-16T14:36:45Z