Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I get a lot of 'TCP SYN Host Sweep On Same Dest Port' events on my network that I want to filter out. All the events with destination port 0 are false positives since this is normal behaviour for many operating systems when starting a connection.Unfo...
I have just received an IPS-4255 with v6 software and am learning to configure it. I want to maintain a list of known p2p abusers in our network and block their ip addresses using the IPS. At the moment the IPS is not in inline mode so I want to use ...
It seems to me these features serve similar functions. Does CBAC essentially supercede reflexive access-lists due to the ability to recongnise application traffic such as FTP which RACL's cannot? Can the two coexist to allow RACLs to match applicatio...
Two good reason come to mind:1) You can't block traffic that uses dynamic ports with an ACL (notwithstanding nbar)2) If I can't do it easily with the IPS, why do I need an IPS?
Ok, you can use the feature navigator at the software center:http://www.cisco.com/kobayashi/sw-center/index.shtmlIt's actually linked under Tools -> Software Advisor.Click on 'Find software with the features I need'. Should be self-explanatory from t...
You could try one of the other firewall features e.g. IDS or CBAC. IDS is really the ideal one for this situation but much more complicated to implement than TCP Intercept.
What is full image name running on your router?ou need an IPSEC image, i.e. a 12.3(2)XE IP Plus IPSEC56 verion of IOS.Note that some images only support DES encryption, others allow 3DES or DES. Most software clients will not have these settings as t...
