RE: [fw-wiz] Cisco PIX IDS

From: Melson, Paul (PMelson_at_sequoianet.com)
Date: 01/15/04

  • Next message: DLN Krishna: "[fw-wiz] Handling Invalid Login Requests in Firewall" 
    To: "Derito, Anthony G" <anthony.derito@eds.com>, <firewall-wizards@honor.icsalabs.com>
Date: Thu, 15 Jan 2004 08:55:25 -0500

    http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_me
    ssage_guide_chapter09186a00801582b2.html#1138590

    I don't know if you'll need a CCO login for that or not.

    Remember that the PIX "IDS" features are strictly atomic, meaning that
    they only compare a single packet at a time. Simple fragmentation
    attacks can blow right past a PIX undetected.

    PaulM

    > -----Original Message-----
    > Can anyone tell me where I can find more information on the
    > specific IDS
    > signatures available with the PIX 6.3 software?
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: DLN Krishna: "[fw-wiz] Handling Invalid Login Requests in Firewall"

    Relevant Pages

    • Re: Monitoring Servers
      ... An IDS system on the outside of your PIX is rather pointless (especially if ... it's the "IDS" that comes with the PIX), since you're not seeing what gets ... honeypot inside the network, make sure it's a dark host (has no legitimate ...
      (microsoft.public.security)
    • Re: [fw-wiz] Cisco Pix-IDS Blocking
      ... You will need a more recent IDS image. ... a change which warranted a matching change on the IDS ... I've recently deployed a Cisco Pix 506 ... >doesn't seem to send the shun commands. ...
      (Firewall-Wizards)
    • Re: [fw-wiz] Thoughts on the new Cisco ASA 5500 firewalls
      ... From what i know looking PIXen inside and outside, IDS module is packet capture ... > Cisco is marketing the ASA 5500 appliances as PIX, VPN Concentrator, Secure ...
      (Firewall-Wizards)
    • RE: [fw-wiz] Thoughts on the new Cisco ASA 5500 firewalls
      ... Cisco is marketing the ASA 5500 appliances as PIX, VPN Concentrator, Secure ... IDS, and network anti-virus in a single box. ...
      (Firewall-Wizards)
    • Cisco pix IDS feature question
      ... We have cisco pix 515E now we want to turn on the IDS feature to block ... IDS has about 60 signatures for example detecting Fyn scans. ... when those attacks passed before enabling the IDS? ... if its dropped packets and the traffic sure passed throw the ...
      (comp.dcom.sys.cisco)