Other Security Subjects

Greetings,From my inside interface, users have no problem geting Microsoft updates. Not so from within my DMZ. Even though I have the PIX configured to allow the PC in the DMZ to start an outbound connection (i.e. browser can get to web servers on ...

Two Catalyst 3548XL switches are in stack. I need to monitor a port as SPAN port, to put an IDS sensor. I wonder if i can put only one SPAN port to analyze ALL the traffic passing through the 2 switches or i nedd 2 SPAN ports, one for each switch. An...

Hi,The aforementioned 2 commands have been entered on my PIX 520 and all the vpn config disappeared. I have added the config lines back in from a text back up but none of my tunnels work now. I have even set one of them up from scratch now with a new...

The connection to the server below is anonymous ftp that (as far as the user knows) is working fine. Yet we saw this sig hit 208 times yesterday. My host.24.56 208 nimbus.ny.netSignature Sub-Signature Hits Severity Signature Description ...

I am running NAT on my 2611 with a single public ip (for simplicity 1.1.1.1 public ip and 10.10.10.1 internal ip), I have port 53 and 80 forwarded to my internal server 10.10.10.10. If a client on my internal network accesses the 1.1.1.1 address on ...

Ok just scoured CCO no router to router hub and spoke design where some sites are not split tunneled and others are. Any one doing this in their network? I need a samp config of a router that isnt split tunneled. ie do I need a route map to bypass...

again in MSFC...I have read that on the switch Catalyst 6000 it is possible to use port 15/1 (or 16/1) as a SPAN source that will allow it to monitor traffic forwarded to the Multilayer Switch Feature Card (MSFC). So I'd like to know if i can use th...

HiI have a two-tier CA architecture - an offline root CA, which signs the certificates of two online issuing CAs.In order to get this to work, I need to authenticate BOTH the issuing CA *and* the root CA on the VPN endpoints (IOS routers) - using the...

Hi,I've been stumped for a few days already. Here's the scenario.Router A is directly connected to Router B via E1 v.35 interfaces (linkC).Router A is connected to Internet at point A v.35Router B is also connected to Internet at point B v.35Router A...

Problem is related to the shunning router.IDSM's are configured to monitor DMZ's and Outside interfaces of a PIX.If an attack occurs on the Outside of the PIX, the IDSM's are able to shun the Internet-router on the incomming traffic of the serial-int...

PIX 515I hope someone can help.I have a secondary ip network on an internal router. The primary ip network will pass through the PIX ok, but the secondary will not. Would ASA or ICMP redirects be causing this issue?Anyone had a similar problem or kn...

We are wanting to save our logs to a MSSql db either directly from the ids machines or by export from cspm or idsmc....I have searched through the archives and have tried -http://www.cisco.com/univercd/cc/td/doc/product/ismg/policy/ver23i/idsguide/ch...

Is there a rule of thumb when it comes to the understanding the overhead enabling 3 DES has on a router?? IE 806, 2511 or 3640???

Does anyone know if the IDS Blade for the 6500 running 3.0(5) supports the web interface?

When I implement filtering for some hosts and tune/disable some signatures signature 993 triggers, and it says percent of packet drops is around 90%. As far as I learnt this is said to be a bug of IDS, and to be resolved with v4.0. Is any of you awar...