Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I want to do the following:Only if the target of the attack is MailSrvand the RR > 85--->block attackerIf target is any other host -->don't block===========My problem is that I cannot specify the dst IP in the event action override.So my only choice ...
Can someone please explain briefly when should I use the HTTP/FTP AIC signature engine over any other type?I ask this question because for instance the FTP commands can be looked for in either String TCP engine, Atomic TCP or FTP AIC engine, but whic...
I am trying to set up an l2l tunnel between 2 pix firewalls. I used sysopt connection permit-ipsec to bypass the acl on the outside int. The interesting traffic is set to permit any any. When I ping from one side to another the tunnel establishes wit...
The setup is as in the attached picture.Pix config is as follows:access-list DMZ extended permit icmp host Pubsrv anyaccess-list ACLIN extended permit tcp any host 172.31.0.5 eq wwwaccess-list ACLIN extended permit tcp any host 172.31.0.5 eq ftpacces...
the config I put above is the full config minus the interface configs.(which are correct). look at the attached picture to see the topology.my question is this. when I am on an inside host (Internal Server or Workstation) and I make ftp 192.168.1.2 (...
