Other Security Subjects

I have a PIX515E firewall, How can I block some sites that contains aspecific keywords, like "sex" for example?

Every time I make a clear access-list and read in a updated access-list, used memory is increasing. I start with 256 MB used memory and now after two months and a number of updates I have 794 MB used memory. Do I have to reload the FWSM to fix this p...

I have my soho set up to deny any incoming traffic, I would like to log all incoming traffic and its source, but I am kind of at a loss.Any suggestions? Thanks

I have a 4215 and my requirements are to sniff on four different segments of my network.Question:* Do I need to add a 4-FE card to fulfill this requirement?* Or, can I configure the SPAN ports on my switches and route the traffic out to a different p...

Can anyone tell me the difference between NAT-Transparency (ietf draft) and NAT over TCP/UDP from Cisco (IPSec/NAT).Is there any benefits on using IPSec/NAT instead of NAT Transparency?I heard that NAT over TCP/UDP is a Cisco's proprietary implementa...

Hello,The network configuration of CSIDSv4 is below.$ dmesg | grep duplexe100: eth1 NIC Link is Up 100 Mbps Half duplexe100: eth1 NIC Link is Up 100 Mbps Half duplexe100: eth0 NIC Link is Up 100 Mbps Half duplexIf We use "Half duplex", Does IDS drop ...

Hello team,I have a unique policy NAT kind of a requirement.Description of the network:External customers-----------Internet cloud-------PIX (FWSM blade) ---------SVR-1 + SVR-2 (10.10.0.46) (10.10.0.47)Two external IPs are mapped to two in...

I have been playing around with 802.1x in my lab. I have it working with 3550, ACS and Active Directory. I would like to enable 802.1x authentication on all ports in my environment. That presents a problem for devices that don't have a supplicant,...

This issue has been raised previously; it's gained some visibility recently out at SANS although so far no one has an answer. I and a number of other folks occaisionaly see two or three alerts in a row regarding IP fragments, with the source and des...

Hi,anyone have a good list or configuration guideline that tells you how to effectively block these instant messaging applications on the PIX firewall?- AOL Instant Messenger- MSN Messenger- Yahoo! Messenger- ICQHave several customers who need this k...

How can I test my IDS to see if it is working? Have not been able to detect any shun blocks in my PIX 515. Not sure my IDS is triggering shuns to the PIX?

Hello,I have multiple issues with changing IP/hostnames, or in one case same host name, new mac. In about 30-50% of the times/cases, I can simply clear arp on both our cisco 2600 router and on the cisco pix and get things work fine again. However, in...

Hi.We are running a PIX 506E firewall in our company. I know that failover on this model isn't an option. So I bourght another PIX 506E to backup the running one if it should die on me. I savde the running configuration of the PIX that is running on ...