Other Security Subjects

Hi,I have two questions concerning the use of CoPP on internet routers:1- Can CoPP and CoPr replace somehow the use of ACLs on ISP facing interfaces2- I was going through the best practises guide of CoPP and didn't clearly understand if all data plan...

I have a student who wants to turn on Netflow on his WAN links but he has a concern. The WAN is not heavily utilized during the day, file sharing and Citrix traffic are not heavy. However, during the night traffic levels spike due to backup traffic a...

Hi,I would like to know if the following IOS version only supports ssh v.1.99 or if it supports true ssh v.2. The IOS is 12.4(13r)T Our Nessus scans continue to kick back the vulnerability due to the 1.99 option which allows version 1 ssh connections...

Hello,I have a few Remote access ASAs that are firewalls an VPN devices. Everytime i rediscover the policies (since people make changes via CLI) i reimports my policy objects an renames them everytime.Example are my VPN user policies, i have one call...

I am constantly required to login to MARS when I change pages. For instance, if I am configuring alerts and close the pop-up windows to return to the Admin tab and add a user, it logs me out. Any idea why I should have to login over and over? Than...

May I ask a very basic question?Which interface should be put into Security Management VLAN? eth0 or eth1?Thanks,Cedar

cannot seem to get bidirectional nat working on a 2801 running 12.4.ip nat inside source static 10.1.1.1 66.170.199.205With this static nat entry you can get to the inside host at 66.170.199.205, but 10.1.1.1 send traffic source nat'd to 66.170.199.2...

We have over 100 networks, with 1 to 2 servers with CSA 5.2 on them in each network. We stagger vulnerability scans on each network quarterly. Is there a way, to remove or filter the alerts for the IP address that scans these networks?I've attempted ...

I read a Cisco document (ID 13634) about strategies to protect against DDOS attacks configuring features like rate limiting. Are these strategies just for CPE Cisco routers? Or it could be configured in backbone routers.

I need to enable SNMP on a MARS 6.x box, so it can be remotely monitored and provide health metrics. Does anyone know how to do this? I thought the old 4.x had it installed, but disabled. I can't remember how I enabled it and need to do this on a 6.x...

I have a Cisco 871 router a client site that I'm using for Internet access and they wanted various sites blocked, so I set up "ip urlfilter":ip urlfilter source-interface Vlan1ip urlfilter allow-mode onip urlfilter exclusive-domain deny .youtube.comi...

I have a generic question about outbound gotomypc.com sessions. Does anyone know if there have been verifiable instances of security breaches via gotomypc sessions?I'm trying to determine exactly what the measureable risk is with allowing outbound g...

Is there webpage on Cisco.com for sanitizing routers and switches. I have a process to use for this type of operation. Just need some documentation to support it.

Hi all. i upgraded my cisco asa from version7.1(2) to 7.2(4) using asdm. After that i was unable to launch from my asdm as the asdm file in my asa config is of 5.1. I tried to use tftp to upload 5.2 asdm image but unable to do so. I tried to load my ...