[cisco-ttl] Re: PIX'de cpu %95'lere cikiyor

From: serust (sustundag_at_tepum.com.tr)
Date: Wed Sep 15 2004 - 10:07:58 GMT

  • Next message: A.Murat BAYRAM: "Re: [cisco-ttl] PIX'de cpu %95'lere cikiyor"

    Aslinda o ifade soyle yorumlanmali
    Statik ip ile cikis yapiliyorsa evet bir tane xlate gozukur gozukmeli
    sh xlate ile bakildiginda ama PAT ile cikislarda birip'ye birden
    fazla xlate karsilik gelir ki dorusu da budur
    iste canli bir ornek...
    sh xlate=

    Global x.x.x.x Local 192.168.1.210
    PAT Global x.x.x.x (4786) Local 192.168.1.230(1948)
    PAT Global x.x.x.x (23044) Local 192.168.1.230(1148)
    PAT Global x.x.x.x (5633) Local 192.168.1.181(1112)
    PAT Global x.x.x.x 29222) Local 192.168.1.181(3335)
    PAT Global x.x.x.x (29223) Local 192.168.1.181(3336)
    PAT Global x.x.x.x (23076) Local 192.168.1.230(1176)
    --- In cisco-ttl_at_yahoogroups.com, "A.Murat BAYRAM" <mbayram_at_y...>
    wrote:
    > Verdiginiz adresi gormemistim, iyi oldu.
    > show xlate bolumunde soyle bir not var;
    >
    > Note: A single host can have multiple connections to various
    destinations, but only
    > one translation. If the xlate count is much larger than the number
    of hosts on your
    > internal network, it is possible that one of your internal hosts
    has been
    > compromised and is spoofing its source address and sending packets
    out the PIX.
    >
    > Sanirim sorunun karsiligi burada. Bahsedilen "compromised"
    kavramini her ne kadar
    > uzlasmak olarak algiladiysam da, pixdeki karsiligini anlayamadim.
    Internal
    > hostlardan hangisinin compromised oldugunu ve spoofing yaptigini
    nasil anlayacagiz?
    >
    > Bir de Rip V2 kullanmak gerekiyor mu?
    >
    >
    > >
    > > Bunu daha once gordunuz mu bilmiyorum, degilse bir okuyun derim..
    > >
    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_no
    te09186a008009491c.shtml
    > > Interface traffiklerine baktinizmi ?
    > > birde RIP V1 calistirmak icin bir sebep varmi ?
    > >
    > > serhat
    > >
    > >

    ------------------------ Yahoo! Groups Sponsor --------------------~-->
    Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar.
    Now with Pop-Up Blocker. Get it for free!
    http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/26EolB/TM
    --------------------------------------------------------------------~->

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    Yahoo! Groups Links

    <*> To visit your group on the web, go to:
        http://groups.yahoo.com/group/cisco-ttl/

    <*> To unsubscribe from this group, send an email to:
        cisco-ttl-unsubscribe_at_yahoogroups.com

    <*> Your use of Yahoo! Groups is subject to:
        http://docs.yahoo.com/info/terms/
     



    This archive was generated by hypermail 2.1.5 : Wed Sep 15 2004 - 14:09:47 GMT