RE: [cisco-ttl] PIX'de cpu %95'lere cikiyor

From: Ali KAPTAN (ali.kaptan_at_alikaptan.name.tr)
Date: Fri Sep 17 2004 - 14:10:33 GMT

  • Next message: Oguzhan Kayhan: "[cisco-ttl] ppp compression"

    0 533 472 41 13

     

    Beni ararsanız size yardımcı olabilirim.

     

     

    Kolay gelsin

     

      _____

    From: Lutfi Tekin [mailto:lutfi_at_dbs.net.tr]
    Sent: Thursday, September 16, 2004 12:42 PM
    To: cisco-ttl_at_yahoogroups.com
    Subject: RE: [cisco-ttl] PIX'de cpu %95'lere cikiyor

     

    Arkadaşlar

    Cisco pix506 kuracak bir arkadaşa ihtiyacımız var

    Bu konuda bize yardımcı olabilecek varsa

    beni telefon ile veya mail ile acil arayabilirmi

    saat mühim değil her an arayabilir.

    Saygılarımla

     

    M.Lütfi TEKÝN
    Dbs Net
    Dijital Bilgi Sistemleri
    lutfi_at_dbs.net.tr
    <www.dbs.net.tr>
    0(212)5202035
    0(212)5136688 Fax
    Çatalcesme Sok No 56
    Cagaloglu
    Ýstanbul

    -----Original Message-----
    From: Serhat Uslay [mailto:serhat.uslay_at_zurich.com.au]
    Sent: Per 16 Eylül 2004 01:33
    To: cisco-ttl_at_yahoogroups.com
    Subject: Re: [cisco-ttl] PIX'de cpu %95'lere cikiyor

    "compromised" demek host'da virus var demektir. INterface trafiginde hangi subnet/host lardan cok fazla trafik geldigine bakarak yada pix'e gelen butun trafigi IDS'e yollayarak (windows yada Linux uzerinde) anormal trafik olup olmadigina bakabilirsin. Eger bu trafik fazlasi durup durup dururken yani ogrenci trafigi sayisi fazla artmadan oldu ise o zaman suphelenmek lazim.
    RIP V1 her 30 saniyede routing table'i komsularina yollar. RIP V2 eger routing table'da degisiklik varsa yollar.

    serhat

    Please respond to cisco-ttl_at_yahoogroups.com

    To: cisco-ttl_at_yahoogroups.com
    cc:
    Subject: Re: [cisco-ttl] PIX'de cpu %95'lere cikiyor

    Verdiginiz adresi gormemistim, iyi oldu.
    show xlate bolumunde soyle bir not var;

    Note: A single host can have multiple connections to various destinations, but only
    one translation. If the xlate count is much larger than the number of hosts on your
    internal network, it is possible that one of your internal hosts has been
    compromised and is spoofing its source address and sending packets out the PIX.

    Sanirim sorunun karsiligi burada. Bahsedilen "compromised" kavramini her ne kadar
    uzlasmak olarak algiladiysam da, pixdeki karsiligini anlayamadim. Internal
    hostlardan hangisinin compromised oldugunu ve spoofing yaptigini nasil anlayacagiz?

    Bir de Rip V2 kullanmak gerekiyor mu?

    >
    > Bunu daha once gordunuz mu bilmiyorum, degilse bir okuyun derim..
    > http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml
    > Interface traffiklerine baktinizmi ?
    > birde RIP V1 calistirmak icin bir sebep varmi ?
    >
    > serhat
    >
    >

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    Yahoo! Groups Links

    ---- This email is intended for the named recipient only. It may contain information which is confidential, commercially sensitive, or copyright. If you are not the intended recipient you must not reproduce or distribute any part of the email, disclose its contents, or take any action in reliance. If you have received this email in error, please contact the sender and delete the message. It is your responsibility to scan this email and any attachments for viruses and other defects. To the extent permitted by law, Zurich and its associates will not be liable for any loss or damage arising in any way from this communication including any file attachments. We may monitor email you send to us, either as a reply to this email or any email you send to us, to confirm our systems are protected and for compliance with company policies. Although we take reasonable precautions to protect the confidentiality of our email systems, we do not warrant the confidentiality or security of email or attachments we receive.

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Yahoo! Groups Sponsor

    ADVERTISEMENT
     <http://us.ard.yahoo.com/SIG=129piabop/M=298184.5285298.6392945.3001176/D=groups/S=1705004726:HM/EXP=1095449622/A=2319498/R=0/SIG=11thfntfp/*http:/www.netflix.com/Default?mqso=60185352&partid=5285298ick here

      <http://us.adserver.yahoo.com/l?M=298184.5285298.6392945.3001176/D=groups/S=:HM/A=2319498/rand=876066293>

     

      _____

    Yahoo! Groups Links

    * To visit your group on the web, go to:
    http://groups.yahoo.com/group/cisco-ttl/
      
    * To unsubscribe from this group, send an email to:
    cisco-ttl-unsubscribe_at_yahoogroups.com <mailto:cisco-ttl-unsubscribe_at_yahoogroups.com?subject=Unsubscribe>
      
    * Your use of Yahoo! Groups is subject to the Yahoo! <http://docs.yahoo.com/info/terms/> Terms of Service.



    This archive was generated by hypermail 2.1.5 : Fri Sep 17 2004 - 08:17:24 GMT