About brian.carter

brian.carter · 02-08-2002

The HIDS Agent doesn't seem to uninstall properly. It doesn't remove the enterceptAgent service from HKLM/System/CurrentControlSet/Services (even after reboot), and if you try to re-install it, it says 'Agent already Installed'. Deleting the regist...

brian.carter · 12-20-2002

MSN is pretty easy because it uses a fixed port. Some (like Yahoo pager) are difficult because they will find a port that is open. To block the tricky ones, you have to block all of the hosts that they will conect to at the top of your outbound acc...

brian.carter · 12-20-2002

I've done this quite a bit. Just setup a new access-list to define the match traffic, setup a new crypto map with a different number, setup NAT and setup routes to take traffic through your VPN interface. For example:access-list first_vpn permit ip...

brian.carter · 10-16-2002

I just did a quick packet capture for this and it revealed that a connection was made to port 443 during the update. You should be able to just add:access-list acl_dmz permit tcp 172.16.16.0 255.255.255.0 any eq 443hope this helps,Brian

brian.carter · 10-16-2002

I have several of these working on my PIX. The only problem I see with yours is that you used the "http" key word in your statement, which won't work; it should just appear like this:filter url except 0 0 63.192.19.21 255.255.255.255

brian.carter · 10-15-2002

You can get the PIX firewall syslog server here:http://www.cisco.com/cgi-bin/tablebuild.pl/pixYou may also wish to consider www.opensystems.com if you want more advanced reporting. If you have a lot of firewalls, IDS and/or HIDS you may wish to try ...

Member Since	‎08-31-2001 01:59 PM
Date Last Visited	‎08-18-2017 03:50 AM
Posts	16

User Statistics

User Activity

HIDS Agent Uninstall

Re: Blocking hotmail messenger

Re: Need help implementing more than 1 VPN on PIX

Re: Ports denied not shown...

Re: "Filter Url" Command

Re: Syslog tool