RE: [snort-users] Blocking with a PIX
This is a discussion on RE: [snort-users] Blocking with a PIX within the Snort forums, part of the System Security and Security Related category; This is a multipart message in MIME format. --=_alternative 00516D01C1256E91_= Content-Type: text/plain; charset="US-ASCII" The ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
05-11-2004
|
|||
|
|||
RE: [snort-users] Blocking with a PIX
This is a multipart message in MIME format.
--=_alternative 00516D01C1256E91_= Content-Type: text/plain; charset="US-ASCII" The shuns won't show up in the rulebase. Connect to the pix, get to an enable prompt, and type 'sh shun' to see if the shuns are being applied. It should show a list of the current shuns in place. I know how it works.... If I type "sh shun" there are no shuns applied. It seems I cannot apply shuns for IP outside of my network. Here's what I mean. If I try to add a shun for an IP inside of my network (for example 10.1.1.x) it works. When I try to add any other IP I get this message from PIX: Shun 192.168.1.1 failed WHY? Davide De Boni Email: d.deboni@edexter.it e.Dexter S.P.A. C.so Risorgimento 5 28823 Ghiffa (VB) ITALIA Tel +39.0323.407733 Fax +39.0323.53558 --=_alternative 00516D01C1256E91_= Content-Type: text/html; charset="US-ASCII" <br><font size=2 color=blue face="Arial">The shuns won't show up in the rulebase. Connect to the pix, get to an enable prompt, and type 'sh shun' to see if the shuns are being applied. It should show a list of the current shuns in place.</font> <br> <br><font size=2 face="sans-serif">I know how it works....</font> <br> <br><font size=2 face="sans-serif">If I type "sh shun" there are no shuns applied.</font> <br><font size=2 face="sans-serif">It seems I cannot apply shuns for IP outside of my network.</font> <br> <br><font size=2 face="sans-serif">Here's what I mean.</font> <br> <br><font size=2 face="sans-serif">If I try to add a shun for an IP inside of my network (for example 10.1.1.x) it works.</font> <br><font size=2 face="sans-serif">When I try to add any other IP I get this message from PIX:</font> <br> <br><font size=2 face="sans-serif">Shun 192.168.1.1 failed</font> <br> <br> <br><font size=2 face="sans-serif">WHY?</font> <br> <br> <br> <br><font size=2 face="sans-serif"><br> Davide De Boni<br> <br> Email: d.deboni@edexter.it<br> <br> e.Dexter S.P.A.<br> C.so Risorgimento 5<br> 28823 Ghiffa (VB)<br> ITALIA<br> Tel +39.0323.407733<br> Fax +39.0323.53558</font> --=_alternative 00516D01C1256E91_=-- ------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg...rom=osdnemail3 _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
