About mabusedira

mabusedira · 05-11-2006

I want to do the following:Only if the target of the attack is MailSrvand the RR > 85--->block attackerIf target is any other host -->don't block===========My problem is that I cannot specify the dst IP in the event action override.So my only choice ...

mabusedira · 05-10-2006

Can someone please explain briefly when should I use the HTTP/FTP AIC signature engine over any other type?I ask this question because for instance the FTP commands can be looked for in either String TCP engine, Atomic TCP or FTP AIC engine, but whic...

mabusedira · 04-25-2006

I am trying to set up an l2l tunnel between 2 pix firewalls. I used sysopt connection permit-ipsec to bypass the acl on the outside int. The interesting traffic is set to permit any any. When I ping from one side to another the tunnel establishes wit...

mabusedira · 04-24-2006

The setup is as in the attached picture.Pix config is as follows:access-list DMZ extended permit icmp host Pubsrv anyaccess-list ACLIN extended permit tcp any host 172.31.0.5 eq wwwaccess-list ACLIN extended permit tcp any host 172.31.0.5 eq ftpacces...

mabusedira · 05-11-2006

I will try to make it more clear.I want everything to behave normally.Only when attacks are on MailSrv I want to block.

mabusedira · 04-25-2006

the config I put above is the full config minus the interface configs.(which are correct). look at the attached picture to see the topology.my question is this. when I am on an inside host (Internal Server or Workstation) and I make ftp 192.168.1.2 (...

Member Since	‎04-23-2006 10:37 PM
Date Last Visited	‎08-18-2017 03:55 AM
Posts	6

User Statistics

User Activity

block attacker only if target is specific host only

AIC signature engine

tnnel establishes only with ping

Connet to DMZ server from insdie host using the DMZ outside IP

Re: block attacker only if target is specific host only

Re: Connet to DMZ server from insdie host using the DMZ outside