Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2838
Views
0
Helpful
1
Replies

Test Case Security Features on FTD

bibek_deo
Level 1
Level 1

‎02-03-2021 06:33 PM

HI,

Pls suggest me how to to do the following tests in FTD

 

(Case 1)

Test Item -Detect Land Attack

Test procedure /Reference - Same Source IP/port to destination IP/Port to be generated on the outside  interface

Expected result - Deny traffic should be shown

 

(Case 2)

Test Item -Win Nuke attack

Test procedure /Reference - traffic to tcp 139 port to be generated on outside interface

Expected result - Deny traffic should be shown

 

I have selected the both options in intrusion policy but not get the idea how to demonstrate the condition and achieve the result.

 

BB

Bibek

 

 

 

0 Helpful
1 Reply 1

Mohammed al Baqari
Level 11
Level 11

‎02-03-2021 11:36 PM

Hi,

Download nping, put it in a machine in the outside zone and use the
following

nping --tcp -p 80 -S 1.1.1.1 1.1.1.1 -- this is for case 1. It should be
blocked by rpf check
nping --tcp -p 139 1.1.1.1 -- this is for case 2

If you enable terminate monitoring on ASA or send syslogs to external
server you can look for the messages.

**** please remember to rate useful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card