Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5009
Views
5
Helpful
4
Replies

Cisco Bug ID CSCtn29349

Go to solution
ROBERTO TACCON
Level 4
Level 4

‎04-12-2011 02:02 PM - edited ‎03-20-2019 07:54 PM

Hello,

please can someone @ cisco let me see the following Cisco Bug ID CSCtn29349

Regards

Roberto Taccon

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Phillip Remaker
Cisco Employee
Cisco Employee

‎04-12-2011 03:18 PM

The bug is now updated and visible.

If your concern was related to TCP split-handshake issues, you might be interested in

http://tools.cisco.com/security/center/viewAlert.x?alertId=22462

View solution in original post

4 Replies 4

Go to solution
Phillip Remaker
Cisco Employee
Cisco Employee

‎04-12-2011 02:29 PM

All potential bugs at Cisco are assigned a tracking number.  If, upon investigation, the behavior turns out that the observed behavior was due to a misunderstanding or misconfiguration, the bug report is moved into the "J" (Junked) state.

The bug report you cite is in the "Junked" state, meaning that the investegation demonstrated that there was no bug.

0 Helpful

Go to solution
Phillip Remaker
Cisco Employee
Cisco Employee

‎04-12-2011 03:18 PM

The bug is now updated and visible.

If your concern was related to TCP split-handshake issues, you might be interested in

http://tools.cisco.com/security/center/viewAlert.x?alertId=22462

Go to solution
ROBERTO TACCON
Level 4
Level 4
In response to Phillip Remaker

‎05-24-2011 05:17 AM

Hello Phillip ,

in the following blog

http://blogs.cisco.com/security/cisco-investigation-for-tcp-split-handshake-issue-reported-by-nss/#comment-156337

Russ Smoak write:

“For the new test-case, access control list rules can be applied using an access-group and used as additional countermeasures to mitigate and prevent unsolicited connection attempts between the endpoints for a TCP conversation when the client does not abort the connection as defined in the RFC protocol specification for TCP.”

which type of access-list will be configured on the Cisco ASA when the client does not abort the connection ?


Regards

Roberto Taccon

0 Helpful

Go to solution
Phillip Remaker
Cisco Employee
Cisco Employee
In response to ROBERTO TACCON

‎05-30-2011 11:23 PM

Russ Smoak just answered your same question on his blog thread that you mention in your post.  Was that a satisfactory answer or can we help clarify more?

For completeteness, I reproduce the post here:

You can use access lists tune outbound policies initiated by hosts on higher security level interfaces to lower security level interfaces. As an example, you might want to block any outbound session initiation except to update servers that would be hosted on the internet which is a lower security interface. By default, all traffic is allowed to source from higher security interfaces to lower security interfac

0 Helpful
Customers Also Viewed These Support Documents