Other Security Subjects

Is it possible to block traffic for a certain time (e.g. 5 minutes) for an address range (all users in 192.16.18.0) after a TCP SYN flooding attack has occured?To prevent the SYN flooding we use the ip tcp intercept command, but with that, there is n...

Hi,I have a FTP Server on the DMZ interface, for which i want to allow Inside Users Access.With the current configuration, i have ALL inside users being NATed to the Outside Interface for Web Access.< nat (inside) 1 0.0.0.0 0.0.0.0 0 0><global (outsi...

Hi alli want to block access to a web site ip 65.89.168.6 using a outbound statement.This is the config so far:outbound 10 deny 65.89.168.6 255.255.255.255 80 tcpoutbound 10 permit 0.0.0.0 0.0.0.0 0 tcpapply (outside) 10 outgoing_destI've used an o...

question: under the cspm2.3.3i, how do you set up the cspm server to bring the event logs to the SQL server -or is it possible -thinking about integrating Oracle back end . Are there SQL schemas available? Where could I get more info -- been looking ...

Hosts on an internal subnet that is 2 hops away are unable to connect to our DMZ. Here's the network layout...192.168.50.0<DMZ<---PIX<---192.168.0.0<---192.168.3.0Hosts on the 192.168.3.0 cannot access the 192.168.50.0 hosts on the DMZ unless aided ...

The router is a 3620 IOS 12.0(24), with an ethernet and a serial interface. Each interface has a pair of inbound and outbound ACLs, which are exact reciprocals of each other. A single test packet that matches any entry (either permit or deny) should ...

Hi,When doing some Exceptions with the Host IDS console, the documentation is a bit confusing about the format of a wildcard in the "Advanced details" panel. The "Entercept" documentation :D:\subdirectory1\*and Cisco Host IDS documentation says :D:...

I have heard a rumor that a program/app/utility exists that will take the access rules and conduits list from the pix and convert it into access lists.Has anyone also heard this ? Has anyone found this?Thank you

Dear All:I made a ports scanner to one of my routers cisco 7200 , and i found the following ports are opened "1- 23 Telnet2-80 HTTP3-2001 remote control software4-9001 cisco Xremote service5-4001 cisco virtual terminal6-6001 cisco virtual terminali w...

I was checking some things on a 515 PIX that I have. This firewall has about 20 people that use it to VPN to our network. They use the latest Cisco VPN client.Well I ran this command to see who was on at that moment:show isa saand what I saw surprise...

I'm configuring a number of devices with site-to-site VPNs, using Microsoft Windows 2000 Certificate Services to provide the certificates.I have got the connections up and running successfully; however, when downloading the CRL I find that it does no...

Hi :I am new to HIDS. When I am seeing the alerts in the console, I only see the workstation name in the Advanced details of the alert. Is there a way to display IP address instead of name in there?THanx in advance

Is there a way in Cisco Pix to go from a higer security level to a lower security level without using static nat. I have an application that does not work with NAT. It needs to go from and DMZ_ZONE security level 20 to Internal_Network security lev...

I would like to remove the following entries from a 1710 Router. crypto isakmp key ***** address 205.206.*.*!crypto map cfmap 20 ipsec-isakmp set peer 205.206.*.* set transform-set ts1 match address 102!access-list 102 remark Crypto traffic to 1710 a...

I am trying to get management authentication working using TACACS from a 350AP running FW 12.0T. The requests hit the ACS server but I get the message author failed (service denied service=aironet protocol=shell). It seems that I have something wrong...