Other Security Subjects

Hi,I have been tasked with redesigning our DMZ environment. Presently we have Pix 515e's in f/o bundle, which has inside, outside, and dmz interfaces.Due to security requirements we now have a need to create a multi-layer firewall architecture (2 ASA...

ASDM has been working fine, but has now decided to stop working. When I try to start it, it now goes into a loop showing 'Parsing Running Configuration', followed by 'Verifying Running Configuration', then back to the beginning again.Any ideas?ASDM 5...

Hello,I have an event which system functions are executed from a buffer. I would like to figure out if there is a way to match just that pattern for that function that the software calls or not.Atypical System Behavior Checks Access system function...

Any suggestion for a good place to get CISSP ILT based training?

Hi AllI have a PIX 515E installed in my network having 150 PC. And I want to block MSN and yahoo for all users except for some particular user.Can u tell me how ca i block this thru PIX.Thanks.

Hi! I have a problem on permitting H323 traffic through a PIX 520 IOS ver 6.3 (3).These are rules setted to allow traffic:fixup protocol h323 h225 1720fixup protocol h323 ras 1718-1719 They don't seem to be working (I tried also to add ACLs without ...

I have just migrated to PIX V7.11 and ASDM V5.11 (from PIX V6.3, PDM V3):Interesting function is the capability to get the real-time syslogs messages, and the very nice function (just available in ASDM 5.11, not in 5.04) that allows to select 1 syslo...

Is it possible to do this on a per host basis? The problem we are having is that the PIX has too many open UDP connections and then can't open new ones hence affecting other users. Finding the one/ones with thousands on connections and clearing the...

I have a PIX 515E with 3 interfaces. I've setup 2 interface pixes before but am finding the dmz more difficult so would really appreciate some advice!inside=LANA + PRIVATE NETWORKSdmz=LANBoutside=internetLANA = 212.167.25.0/24 (example public address...

I'm trying to get CRL working on a Cisco 3015 or 3020. IPsec with certificates is working fine. But I want to make sure revoked certificates won't give you access. However enabling CRL checking results I nobody getting access.I tried first "Use CRL d...

Hi, It is the description in the Cisco Web. If the message is showned too many,Is it a signal of attack ? Or other possible reason ? Thanks ! 2006-02-08 08:04:26 Local4.Info 10.54.2.2 %PIX-6-106015: Deny TCP (no connection) from 172.27.1.253/1061 to ...

Is there any way to adjust the TCP timeout for a specific address and leave everything else at its default? I have a device that communicates in a way that its TCP session will drop after a while, and I need it to stay open. I don't want this to be t...

I'd like to block "Go to my PC" in my company. What is the best way to achieve this? Block their IP ranges? Ports?