Network Security

Hi. this is a strange one. We have a C7200R (FastEthernet) on one side and a C3500 (FastEthernet) on the other with an IPS4240 in the middle. When changing the IPS unit from "bypass-mode on" to auto the interface on the C7200 router goes down, ie no ...

Should this signature trigger for:GET /\r\nI thought it should trigger for something like:GET /\rHTTP/1.1\r\n\r\n

Problem: A cisco ASA 5520 running slower and slower when surfing. Download speeds are fine.Cpu & memory usage are both low.Suggestions?

I would like to know if I am understanding the vlan assignment in NAC L2 802.1X correctly. As i understand it, once a client has been assigned a "healthy" posture token, they will be put in the "healthy" vlan. Does this mean that every "healthy" user...

A new twist to my ASA tribulations! :)I made a change to an access-list using ASDM, and it didnt work. As a good measure, since things have been in flux with it, I rebooted it via power switch. now it wont come back up. When I boot, I get the followi...

We had sig 5474 fire on two sensors. After looking at the packet and then the Regex in the sig, this just doesn't make sense to me.The Regex:([%]20|[=])[Ss][Ee][Ll][Ee][Cc][Tt]([%]20|[+])[^\r\n\x00-\x19\x7F-\xFF]+([%]20|[+])[Ff][Rr][Oo][Mm]([%]20|[+...

I have a router 1841 with feature IPS, How I let to know if the IPS has blocked a host? What command I can execute?Thanks.

Hi,My current setup is like this Internal -- ISA FW -- PIX515E-R -- ROUTER -- INTERNET. I wrote a static mapping between internal mail server and public ip and allowed through accesslist (only smtp). Now i can able tos end emails and all but not able...

I have a 2611xm with IOS/FW 12.4After enabling IPS, I get the following when I show ip inspect sessions Session 83E4AD08 (192.168.5.101:8)=>(192.168.240.251:0) icmp SIS_OPEN Session 83C84EAC (192.168.5.101:8)=>(192.168.240.170:0) icmp SIS_OPEN Sessio...

This is a little 831 router (12.4.4T) with one private and one public interface connected to a 1000/256 ADSL circuit. There is a VPN to the Head Office with a GRE tunnel and EIGRP.The Tunnels bandwidth is set to 1544 since there is a frame-relay back...

Hi,I do new statics & ACLs in our PIX (v6.3) mostly by following working examples. Usually that works.The other day I tried to put in a new static, but then was unable to ping the outside address. Two things about the inside address I was trying to...