© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 2: Configure Network Intrusion Detection and Prevention.

Slides:



Advertisements
Similar presentations
NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.
Advertisements

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implement VTP LAN Switching and Wireless – Chapter 4.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—1-1 Building a Simple Network Understanding the TCP/IP Internet Layer.
CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.
© 2003, Cisco Systems, Inc. All rights reserved. FNS 1.0— © 2003, Cisco Systems, Inc. All rights reserved.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Protecting Against Spoofing Attacks.
CCNA 1 v3.1 Module 11 Review.
History DHCP was first defined as a standards track protocol in RFC 1531 in October 1993, as an extension to the Bootstrap Protocol (BOOTP). The motivation.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Firewalls Screen packets coming into the Privet Networks from external, Untrusted Networks (Internet) Ingress Packet Filtering  Firewall examine incoming.
Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 8 – PIX Security Appliance Contexts, Failover, and Management.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 6 Switch Configuration.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
1. 2 Device management refers to the IDS Sensor's ability to dynamically reconfigure the filters and access control lists (ACL) on a router, switch, and.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Remote access typically involves allowing telnet, SSH connections to the router Remote requires.
Defense Techniques Sepehr Sadra Tehran Co. Ltd. Ali Shayan November 2008.
Module 4: Configuring ISA Server as a Firewall. Overview Using ISA Server as a Firewall Examining Perimeter Networks and Templates Configuring System.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 OSI Transport Layer Network Fundamentals – Chapter 4.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
CSCI 530 Lab Intrusion Detection Systems IDS. A collection of techniques and methodologies used to monitor suspicious activities both at the network and.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 9 Intermediate TCP/IP/ Access Control Lists (ACLs)
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod9_L8 1 Network Security 2 Module 7 – Secure Network Architecture and Management.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 6 City College.
1 Firewalls Types of Firewalls Inspection Methods  Static Packet Inspection  Stateful Packet Inspection  NAT  Application Firewalls Firewall Architecture.
Modular Policy Framework (MPF)
Verify that timestamps for debugging and logging messages has been enabled. Verify the severity level of events that are being captured. Verify that the.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.
Module 7: Advanced Application and Web Filtering.
PIX Firewall An example of a stateful packet filter. Can also work on higher layers of protocols (FTP, RealAudio, etc.) Runs on its own OS.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Configuring the PIX Firewall Presented by Drew Spesard.
Configuring AAA requires four basic steps: 1.Enable AAA (new-model). 2.Configure security server network parameters. 3.Define one or more method lists.
Firewall Matthew Prestifilippo, Bill Kazmierski, Pat Sparrow.
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—10-1 Lesson 10 Attack Guards, Intrusion Detection, and Shunning.
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—7-1 Lesson 7 Access Control Lists and Content Filtering.
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—6-1 Lesson 6 Translations and Connections.
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—3-1 Lesson 3 Cisco PIX Firewall Technology and Features.
Lesson 2a © 2005 Cisco Systems, Inc. All rights reserved. SNPA v4.0—2-1 Firewall Technologies and the Cisco Security Appliance.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 Module 4 Learning About Other Devices.
Lesson 4 © 2005 Cisco Systems, Inc. All rights reserved. SNPA v4.0—4-1 Understanding Translations and Connections.
IT Ess I v.4x Chapter 1 Cisco Discovery Semester 1 Chapter 8 JEOPADY Q&A by SMBender, Template by K. Martin.
© 2002, Cisco Systems, Inc. All rights reserved..
Cisco Exam Questions IMPLEMENTING CISCO IOS NETWORK SECURITY (IINS V2.0) VERSION: Presents: 1.
© 2001, Cisco Systems, Inc. CSPFA 2.0—5-1 Chapter 5 Cisco PIX Firewall Translations.
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—9-1 Lesson 9 Advanced Protocol Handling.
1 © 1999, Cisco Systems, Inc. 1293_07F9_c1 LocalDirector Version3.1.
Module 4: Configuring Site to Site VPN with Pre-shared keys
PIX Firewall An example of a stateful packet filter.
Instructor Materials Chapter 5: Network Security and Monitoring
Working at a Small-to-Medium Business or ISP – Chapter 8
Cisco IOS Firewall Context-Based Access Control Configuration
Cisco ASA Express Security
Chapter 5: Network Security and Monitoring
Chapter 8: Monitoring the Network
PIX Firewall An example of a stateful packet filter.
Firewalls Chapter 8.
46 to 1500 bytes TYPE CODE CHECKSUM IDENTIFIER SEQUENCE NUMBER OPTIONAL DATA ICMP Echo message.
Presentation transcript:

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 2: Configure Network Intrusion Detection and Prevention

© 2006 Cisco Systems, Inc. All rights reserved. Lesson 2.2 Configure Attack Guards on the PIX Security Appliance Module 2: Configure Network Intrusion Detection and Prevention

© 2006 Cisco Systems, Inc. All rights reserved. SNMP Inspection asa1(config)# snmp-map SNMP_DENY_V1 asa1(config-snmp-map)# deny version 1... asa1(config)# policy-map global_policy asa1(config-pmap)# class class-default asa1(config-pmap-c)# inspect snmp SNMP_DENY_V1... asa1(config)# service-policy global_policy global snmp-map: To deny a specific version of SNMP inspect snmp: To enable SNMP application inspection SNMP manager Traps SNMP- Managed Device SNMP v1 Internet

© 2006 Cisco Systems, Inc. All rights reserved. Monitors all UDP transactions on port 53:  Tracks DNS request ID and opens a connection slot  Closes connection slot immediately after answer is received  Translates the DNS A record – Before release 6.2: alias command – Release 6.2 and later: DNS record translation  Reassembles the DNS packet to verify its length (default = 512 bytes) DNS Server Client Request Response DNS Inspection

© 2006 Cisco Systems, Inc. All rights reserved. FragGuard and Virtual Reassembly

© 2006 Cisco Systems, Inc. All rights reserved. Default Fragment Configuration

© 2006 Cisco Systems, Inc. All rights reserved. Fragment command

© 2006 Cisco Systems, Inc. All rights reserved. Show fragment

© 2006 Cisco Systems, Inc. All rights reserved. AAA Floodguard

© 2006 Cisco Systems, Inc. All rights reserved. SYN Flood attack

© 2006 Cisco Systems, Inc. All rights reserved. TCP Intercept

© 2006 Cisco Systems, Inc. All rights reserved. SYN Cookies

© 2006 Cisco Systems, Inc. All rights reserved. Embryonic connection limit

© 2006 Cisco Systems, Inc. All rights reserved. Q and A

© 2006 Cisco Systems, Inc. All rights reserved.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.