Network Security

Question on VMS 2.3 in the SEC MON(sensor is a IDSM2) events I have notice that on one of my sensors the following Alert Detail: Traffic Source int0(other details show int7 as my source):, is this the TCPRESET port? if so I do not have that SIG set t...

I have a 4215 that I have setup inline. In addition, I have given it the ability to use a PIX to block hosts. When the sensor tries to login to the PIX, it triggers the "multiple rapid ssh connections" signature and adds the sensors IP address to t...

Hi, We recently set up a PIX (with Passive FTP mode enabled) which allow1) Outgoing from Internal to External for http,https, dns,ftp, smtp2) Incoming from External to Internal forsmtp, ftp , dns and POP3. We host a mail serverand ftp server for pub...

Hi,We hv a PIX 515E- firewall setup in active/failover mode.Pls refer attached diagram.We hv to use the proxy server which is placed in DMZ as gateway for Inside users browsing.In other words all the internal users will be pointing to the DMZ proxy s...

I have Security Monitor 2.1.0 (Build 123) in a CW VMS 2.3. It collect events from some IOS IPS. The IOS IPS have the correct time. The events generated in the device has the correct time (I can see it with "show log" command). In the device, with "sh...

Our company use a product called Scansafe for web scanning. Every now and then we are sent a report from scansafe along the lines of:"The ScanSafe service discovered a possible virus or malicious code in a Web page or download accessed from within yo...

The 'idsmdc.log' & 'idsmdc.db' file under %NMSROOT%\MDC\Sybase\IDS folder has grown to 10GB & 6 GB respectively. I'm using VMS2.2 on Win2K Machine. What are these files, and how do I prune these files? Is there a perl script available to prune these ...

Hi! I'm wondering if there is the possibility of excluding an IP address from the RESET, even if the rule is matched. Thanks in advanceFrancesco

I am trying to connect to a On-line Game through PIX. But the connection is never successful. After I bypass the PIX, and connect to the Game Server. The connection is OK, and I can play the game. The PIX OS is 7.0.2. And I have uploaded two Sniffer ...

I have a classic EZVPN setup with a VPN3020 as the server and about 20 or so 831 clients. My problem is that you can't issue the qos pre-classify command under an EZVPN profile. In this case how would I prioritize traffic witin the EZVPN tunnel?

i know pix 6.3 support vlan,support 802.1q,i wonder if pix support routing between vlan?

Hello.I have Pix 506e firewall (ver. 6.3)iside ip - 0.0.1.1outside ip - 0.0.0.1So, I have proxy server with ip - 0.0.1.12And I want to configure my Pix to redirect all www traffic from my internal network (0.0.1.0) to proxy (0.0.1.12) port 8080.Can...