Didn?t think of that one! Also you can limit the embryonic connections in the nat command!Example to limit embryonic sessions to 50:nat (inside) 1 access-list Nat-List 0 50on the static command:static (inside,outside) xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy...

Oupps correct it supports only a limited set of signatures i took it for granted that syn attacs was one of themI will se if i can find something out for you Regards//Michel

Hi Well since to my knowledge you cant use the tcp normalization in 6.3 version so you pretty much are left to use the pix?s ids functiontry this:ip audit name PIX-IDS attack action resetip audit interface outside PIX-IDSip audit attack action resetN...

Hi Well if i do understand you correctly what you could do is put a log level at the end of the second ruleExample:access-list outside_access_in line 2 deny tcp any any eq FTP log errorsand then logg for example to to buffer:conf example:logging onlo...

Hi Well humyou have an access-list specified on the access-grouplike:access-list Web-Trafic permit tcp any any eq 80and then an access-group applied to you interface:access-group Web-Trafic in interface outsideif you need to know what hit the "access...