Network Security

Hi All,I have upgraded our PIX from 6.3 to 7.1. But the PIX has stopped accounting VPN traffic.The command "accounting-server-group" is issued in the tunnel-group.In 6.3, I used the command below to enable accounting of VPN traffic. But this command ...

all clients asking for an IP address (via dhcp) get an address starting at 129.168.0.128 and up. i havent made any such configuration on the pix though. the DHCP pool we made is IPs in the range 192.168.1.50-100 (and 192.168.1.150-170 for VPN users)....

Hi,A have an ASA5520, which was running with the image: asa704-4-k8.bin and the ADSM: asdm504-2.binI upgraded the image in 7.0.5, and the ADSM in 5.0.5The ASA boots correctly with this new version 7.0.5, but still boot with the ADSM asdm504-2.bin and...

We have a Pix 515e unlimited firewall. we installed 128MB of RAM in the firewall and upgraded the firewall from software version 6.3 to version 7.2.1. Installed the ASDM on the Pix. Upgrade went as planned. No problems on boot. Since then the fire...

I recently upgraded my PIX 515 from 6.35 to 7.12. Before the upgrade I was able to remote desktop into my servers from home. After the upgrade when I try to connect it appears to be trying to connect. However, I get a message stating the network is b...

I setup ID 3110 (suspicious mail attachment)to deny attacker inline thinking that nobody needs to send those type of attachments and it would cut down on virus's. Worked fine until today when someone internal tried to send one and the IPS blocked my ...

I'm trying in vain to upload access-list changes I've made to a startup-config file for a PIX 515 (version 6.3(4).I can't use the copy command at all. When I add a tftp-server line and try "write net startup-config" doesn't work. I go into "config te...

HiJust bought 2 PIX 515E(PIX-515E-UR-BUN) and are about to setup the box. This came out harder then expected :/After connecting my computer to the box, I am unable to aquire ip address, and the manual said there is a built in dhcp server at 192.168.1...

Recently we noticed that the HTTP POST request containing SOAP application is not passed through the PIX (7.1(2)) with default inspection rule.The message is:--------------------------------------------Hypertext Transfer Protocol POST /rcu/rc.asmx...

Here's a question about the mechanics of how the PIX handles ARP (I think!)Assume, just for example, I had a 'standard' PIX installation. 2 interfaces, inside and outside, on standard security levels. I've a number of external IP addresses I can use ...

I had a question regarding securing our webservers that use IIS. We have 2 options in play. Which one is a better solution to secure IIS from the IIS vulnerabilities and etc...? I know both have advantages and disadvantages.Here's the setup, a Cis...

Just starting out trying to tune some signatures to fit our environment, and looking for clarification on some parameters of IDS signatures.For example: 2152 - ICMP floodIt uses the "Flood Host" engine with the action parameters:Limit type: percent...