Other Security Subjects

Hi All,I try to play with CPPr and I came with the following to drop all packets to closed ports except RIP:class-map type port-filter match-all closed match  closed-portsclass-map type port-filter match-any validPorts match  port udp 520policy-map t...

I started to learn CCNA security, and I'm curious about SSL certificates and CA.Unfortunately I have not found details on the internet that are intersted to me.As an example, how the CA keeps the user's private key, or whether there is a possibility ...

I have a PIX to VPN3000 configuration setup. I find that I can not start a session form the hosts on the PIX side of the VPN but I can establish a session from the hosts behind the VPN3000.I get the error: Tunnel rejected: Policy not found for Src:17...

I am looking for sanitization procedures for a 4510 switch. I need to be able to clear any and all IP information or any data that may be stored on the system. I need something official, but since the contract is expired tech support can't talk to me...

Hi guys,Would you mind to help me figure out this nat issue please? I want to forward smtp port of inside host 192.168.1.22 to outside however it doesnt work. Also packet-tracer indicates that NAT drop it Please help me guys!!!Thank you so much!This ...

Is there anyone who has an custom parser for Cisco ACE ?.Can't understand why it isn't included by default as supported device in Cisco MARS.

After this announcement, register to join Cisco experts for a technical discussion into Application Centric Infrastructure (ACI).REGISTER HERE

Hi guys,recently i have configured the dot1x security feature on the cisco c3650x switches with IOS 15.2(1)E. But when I added voice vlan to the port, the ip phone can't register.My switch port configuration as below:interface GigabitEthernet0/47swit...

I have several routers and switches that are at EOL that I need to declassify before I can get rid of them. Is there a standard method of insuring that all sensitive data is removed. I know that the DOD uses Cisco and must have a process. On the 3200...

I have two ASA 5520 devices I am configuring which require FIPS 140-2 compliance. One of the FIPS 140-2 requirement states that the device must not use 512-bit or 768-bit RSA keys. I generated a key-pair using modulus 1024 which creates a "<Default-R...

Hi,I have just enabled DNS snooping on our ASA5585-X in preparation for enabling Botnet filter.Since we have a fair amount of DNS over TCP and to ensure that I don't leave an easy way around the new protection, I looked at enabling snooping on TCP po...

hi guru, I want to buy a kit of devices to implement a lab of "security" and "routing and switches". Could you tell me the link in the cisco page where suggests the equipment and his images (ios) regards

Hello, I configured the zone based firewall as shown below (it is a C2811 router).Topology is:Webserver(IP:10.2.0.100)----layer2switch----(fa0/0 IP:10.2.0.1) C2811 (fa0/1:10.4.0.1) ------------layer2switch---------clientPC(IP:10.4.0.4)Behavior:Before...