Next message: Ali KAPTAN: "RE: [cisco-ttl] PIX'de cpu %95'lere cikiyor"
Arkadaslar
Cisco pix506 kuracak bir arkadasa ihtiyacimiz var
Bu konuda bize yardimci olabilecek varsa
beni telefon ile veya mail ile acil arayabilirmi
saat mühim degil her an arayabilir.
Saygilarimla
M.Lütfi TEKİN
Dbs Net
Dijital Bilgi Sistemleri
lutfi_at_dbs.net.tr
<www.dbs.net.tr>
0(212)5202035
0(212)5136688 Fax
Çatalcesme Sok No 56
Cagaloglu
İstanbul
-----Original Message-----
From: Serhat Uslay [mailto:serhat.uslay_at_zurich.com.au]
Sent: Per 16 Eylül 2004 01:33
To: cisco-ttl_at_yahoogroups.com
Subject: Re: [cisco-ttl] PIX'de cpu %95'lere cikiyor
"compromised" demek host'da virus var demektir. INterface trafiginde hangi
subnet/host lardan cok fazla trafik geldigine bakarak yada pix'e gelen butun
trafigi IDS'e yollayarak (windows yada Linux uzerinde) anormal trafik olup
olmadigina bakabilirsin. Eger bu trafik fazlasi durup durup dururken yani
ogrenci trafigi sayisi fazla artmadan oldu ise o zaman suphelenmek lazim.
RIP V1 her 30 saniyede routing table'i komsularina yollar. RIP V2 eger
routing table'da degisiklik varsa yollar.
serhat
Please respond to cisco-ttl_at_yahoogroups.com
To: cisco-ttl_at_yahoogroups.com
cc:
Subject: Re: [cisco-ttl] PIX'de cpu %95'lere cikiyor
Verdiginiz adresi gormemistim, iyi oldu.
show xlate bolumunde soyle bir not var;
Note: A single host can have multiple connections to various destinations,
but only
one translation. If the xlate count is much larger than the number of hosts
on your
internal network, it is possible that one of your internal hosts has been
compromised and is spoofing its source address and sending packets out the
PIX.
Sanirim sorunun karsiligi burada. Bahsedilen "compromised" kavramini her ne
kadar
uzlasmak olarak algiladiysam da, pixdeki karsiligini anlayamadim. Internal
hostlardan hangisinin compromised oldugunu ve spoofing yaptigini nasil
anlayacagiz?
Bir de Rip V2 kullanmak gerekiyor mu?
>
> Bunu daha once gordunuz mu bilmiyorum, degilse bir okuyun derim..
>
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note0918
6a008009491c.shtml
> Interface traffiklerine baktinizmi ?
> birde RIP V1 calistirmak icin bir sebep varmi ?
>
> serhat
>
>
Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.
Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
e-posta gönderebilirsiniz.
Yahoo! Groups Links
---- This email is intended for the named recipient only. It may
contain information which is confidential, commercially sensitive, or
copyright. If you are not the intended recipient you must not reproduce or
distribute any part of the email, disclose its contents, or take any action
in reliance. If you have received this email in error, please contact the
sender and delete the message. It is your responsibility to scan this email
and any attachments for viruses and other defects. To the extent permitted
by law, Zurich and its associates will not be liable for any loss or damage
arising in any way from this communication including any file attachments.
We may monitor email you send to us, either as a reply to this email or any
email you send to us, to confirm our systems are protected and for
compliance with company policies. Although we take reasonable precautions to
protect the confidentiality of our email systems, we do not warrant the
confidentiality or security of email or attachments we receive.
Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.
Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
e-posta gönderebilirsiniz.
Yahoo! Groups Sponsor
ADVERTISEMENT
----------------------------------------------------------------------------
----
Yahoo! Groups Links
a.. To visit your group on the web, go to:
http://groups.yahoo.com/group/cisco-ttl/
b.. To unsubscribe from this group, send an email to:
cisco-ttl-unsubscribe_at_yahoogroups.com
c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
This archive was generated by hypermail 2.1.5
: Thu Sep 16 2004 - 21:34:20 GMT