Other Security Subjects

Dont know why or what keeps causing this to trigger. Should it be denied or allowed? The Process 'C:\WINDOWS\SYSTEM32\cmd.exe' (user) attemped to access 'C:\WINDOWS\SYSTEM32\drivers\etc\services'. The attempted access was a write (operation = OPEN/ ...

Hello,I'm running FWSM 2.3 and was looking at the advantages of 3.1. Does anyone have any information as to issues they have had with 3.1Patrick

On 2821 IosFW 12.4(5a), I have:ip inspect name Firewall pptp audit-trail on timeout 3600ip access-list extended Acl_Inside permit tcp host XXXX host YYYY eq 1723 permit gre host XXXX host yyyyIn audit-trail log, I have:Mar 15 14:50:40 router 1239...

R1 and R2 connected through Ethernet cable (12.0.0.1 and 12.0.0.2 respectively)Part of the configuration is this :R1#show runBuilding configuration...Current configuration : 869 bytes!version 12.2service timestamps debug uptimeservice timestamps log ...

Due to recommendations from a security audit, the IOS network infrastructure must be managed through SSH v2, SSL or some other encrypted protocol. Currently for our routers, switches, firewalls, CSS, and APs we use TACACS+ and Telnet. What steps are ...

I am looking for some informaiton on setting up and discussing the basics of a DMZ.

Hi,I am trying to figure out how NAT works with multiple NAT pools overload.I have a major network 1.0.0.0/8 my current NAT is for the subnet 10.16.20.0/24 with overload however I want to add another NAT Pool that will cover the entire network 10.0.0...

Hi all,Having static nat'ed inside to DMZ like this :static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0(Where 192.168.1.0 is the inside network)My issue is that I dont see any hits on my access-list bound to the access-groups on the tw...

I am working to convert a 6.3(1) config from conduit to ACL so I can upgrade the code. Output interpreter will not offer conversion suggestions because of an alias command in the config.Situation: Static inbound nat from outside to dmz with destina...

The web interface of my admin locked up just a litle bit ago. I was working on TFTP'ing some files and the admin stopped working. Right now I think connected users are okay, but I cannot start the admin or connect using the WebVPN. Any ideas? Tha...

the procedure to add a new entry in access list1)no access-list dmz deny ip any any( make changes)or2) if there is no entry access-list dmz deny ip any anythen can use no access-list dmz deny ip any any(make changes)or compile the whole ACL

Has anyone seen or heard of the effects that the McAfee DAT 4715? Was anyone running CSA - and if so, how did it respond? I'm anxious to find out if CSA would have stopped this behavior...http://isc.sans.org/

I'm wondering what's the best way to mitigate having the "ip directed-broadcast" enable on the LAN interface in a multi-site private network.We need to enable this to implement Wake On LAN, but want to minimize security threats as much as possible.Re...

I cannot figure out why outside access cannot get to our web server via HTTPS. We have PIX 520 running 6.2. When I do a port scan for 443 it does not show it open even if I configure the ACL for HTTPS access. Thanks for the assistance.

Hi all Forum.I've got a pair of pix515 with a fresh 7.0(4) PIXOS configured in statefull failover configuration with Serial Based failover connection.Looking at the Syslog message i repeatly see message from the standby unit like this:%PIX-3-210007: ...