Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 2: Configure Network Intrusion Detection and Prevention.

Published byEvan Gardner Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 2: Configure Network Intrusion Detection and Prevention."— Presentation transcript:

1 © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 2: Configure Network Intrusion Detection and Prevention

2 © 2006 Cisco Systems, Inc. All rights reserved. Lesson 2.2 Configure Attack Guards on the PIX Security Appliance Module 2: Configure Network Intrusion Detection and Prevention

3 © 2006 Cisco Systems, Inc. All rights reserved. SNMP Inspection asa1(config)# snmp-map SNMP_DENY_V1 asa1(config-snmp-map)# deny version 1... asa1(config)# policy-map global_policy asa1(config-pmap)# class class-default asa1(config-pmap-c)# inspect snmp SNMP_DENY_V1... asa1(config)# service-policy global_policy global snmp-map: To deny a specific version of SNMP inspect snmp: To enable SNMP application inspection SNMP manager 10.0.0.3 10.0.0.11.19 Traps SNMP- Managed Device SNMP v1 Internet

4 © 2006 Cisco Systems, Inc. All rights reserved. Monitors all UDP transactions on port 53:  Tracks DNS request ID and opens a connection slot  Closes connection slot immediately after answer is received  Translates the DNS A record – Before release 6.2: alias command – Release 6.2 and later: DNS record translation  Reassembles the DNS packet to verify its length (default = 512 bytes) DNS Server Client 105053 Request Response DNS Inspection

5 © 2006 Cisco Systems, Inc. All rights reserved. FragGuard and Virtual Reassembly

6 © 2006 Cisco Systems, Inc. All rights reserved. Default Fragment Configuration

7 © 2006 Cisco Systems, Inc. All rights reserved. Fragment command

8 © 2006 Cisco Systems, Inc. All rights reserved. Show fragment

9 © 2006 Cisco Systems, Inc. All rights reserved. AAA Floodguard

10 © 2006 Cisco Systems, Inc. All rights reserved. SYN Flood attack

11 © 2006 Cisco Systems, Inc. All rights reserved. TCP Intercept

12 © 2006 Cisco Systems, Inc. All rights reserved. SYN Cookies

13 © 2006 Cisco Systems, Inc. All rights reserved. Embryonic connection limit

14 © 2006 Cisco Systems, Inc. All rights reserved. Q and A

15 © 2006 Cisco Systems, Inc. All rights reserved.

Download ppt "© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 2: Configure Network Intrusion Detection and Prevention."

Similar presentations

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implement VTP LAN Switching and Wireless – Chapter 4.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implement VTP LAN Switching and Wireless – Chapter 4.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—1-1 Building a Simple Network Understanding the TCP/IP Internet Layer.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—1-1 Building a Simple Network Understanding the TCP/IP Internet Layer.
CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.

CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.
© 2003, Cisco Systems, Inc. All rights reserved. FNS 1.0—12-1 111 © 2003, Cisco Systems, Inc. All rights reserved.

© 2003, Cisco Systems, Inc. All rights reserved. FNS 1.0— © 2003, Cisco Systems, Inc. All rights reserved.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Protecting Against Spoofing Attacks.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Protecting Against Spoofing Attacks.
CCNA 1 v3.1 Module 11 Review.

CCNA 1 v3.1 Module 11 Review.
History DHCP was first defined as a standards track protocol in RFC 1531 in October 1993, as an extension to the Bootstrap Protocol (BOOTP). The motivation.

History DHCP was first defined as a standards track protocol in RFC 1531 in October 1993, as an extension to the Bootstrap Protocol (BOOTP). The motivation.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Firewalls Screen packets coming into the Privet Networks from external, Untrusted Networks (Internet) Ingress Packet Filtering  Firewall examine incoming.

Firewalls Screen packets coming into the Privet Networks from external, Untrusted Networks (Internet) Ingress Packet Filtering  Firewall examine incoming.
Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.

Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.

Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 8 – PIX Security Appliance Contexts, Failover, and Management.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 8 – PIX Security Appliance Contexts, Failover, and Management.

Similar presentations

Ads by Google