Network Security

We want to enable some customers that are NATed off te inside 10.0.0.0 network to be able to ping and traceroute to destinations outside the Pix. They can traverse the Pix for all other traffic, such as web and email. Customers on the public networs,...

We were testing ips which seemed to break comcast and cox cable users from loading our website. A user from any other isp was not effected. Anyone have an idea?I had roughly 150 signatures enabled using the generic attack-drop.sdf on a 3725 with 256 ...

Newbie here so go easy on me.. I am pulling my hair out on this.What is the proper way to create an event variable for addresses outside my networks? Ie: internet addressesThanksDan

I have a test web server inside our DMZ that accesses a sql server on the inside network. The problem is when I create the access rule access-list DMZ_inf_in permit tcp host 172.16.10.250 eq 1433 host 10.10.2.28 eq 1433 and create the static routesta...

Has anyone configured a Cisco Pix 515e over GPRS (General Packet Radio Service over a mobile phone network) ?Reason I ask is that I tried and as the mobile network provider perform PAT at their gateway (for reserved local addresses to single public I...

One of our most common hosted games suffer greatly at the moment, as we get hit by a mirc script that forces the servers to crash. We have tried to limit the buffer size, i e patching it - but it simply doesnt work against this malware.We are now loo...

Hello all,Does PIX "fixup protocol" command work in both directions? By directions, I mean, from inside to outside and from outside to inside. I know it works for inside to outside, but not sure if it works for outside to inside traffic as well.To be...

I am using three interfaces on a PIX 525. Yesterday I moved a building with multiple subnets from the dmz interface to the inside interface. Most communication is fine. However, I cannot receive inbound connections to one address in one subnet. Th...

Hello. We have a problem where it seems that the PIX is actually dropping all VLANs on a show interface. After a restart they are back and everything works which it did not(of course) do before the reboot. Have anybody seen anything like this? PIX 51...

Hi, Well, I have this strange problem with 6500 and 4215. Everything works just fine, sensor is blocking and no real problem with that.But, I get high cpu usage on my 6500 device whenever IDS is accessing it for ACL configuration.I tried to sniff on ...

Where can I find a listing of the threats that are mitigated. We are comparing/evaluating products, and one primary need is spyware blocking. I know it lists spyware as one of the 'anti-x', but there is no "meat" to the claim. Has anyone installed an...

When an event shows up in the event viewer the details pane to the right has all the details of the event. One of the sections is "Response" it lists "IP Logged: True/false" etc. If I have a sig with an action of "deny packet inline" shouldnt I see s...

Hi--Is the PIX520 capable of handling 7? We have 128MB RAM and 16MB Flash ( meets min specs ) or is the 520 just not powerful enough to handle 7?thx

How to1.edit agent kits to enable network shim once created agent kits2. enable netwok shim for some machines after installing CSA

Folks, The last version of IDS MC i worked with last month would automatically login to CCO and download the lastest signatures, but the signature installation process was manual.My question is that has Cisco come up with a version of IDS MC t...