Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: PIX Questions

from [Bohling James GS-13 JBC] Network Security [Permanent Link]
Subject: RE: PIX Questions
Date: Fri, 20 Aug 2004 09:42:39 -0400 
Answer to part 2 of question 1 

The PIX IDS functionality is very limited there are much more than 55
known attack vectors out there.  The PIX is great for front line IDS
though because it actually inspects for 55 critical signatures; however
this is insufficient for a full fledge enterprise network.  As such, an
enterprise IDS should also be incorporated into your perimeter security
strategy.

Some IDS such as Snort, RealSecure, Sourcefire, Enterasys, and Symantec
offer reputable products.

On the other hand Cisco IDS is also reputable and probably integrates
well with your existing infrastructure, which is probably Cisco. Cisco
routers, firewalls, and even switches can now be integrated with the
Cisco IDS product.  However again, then you are approaching being locked
into the Cisco/Windows paradigm that plagues us today.  

Sorry I couldn't find the list of 55 signatures either.

- James


-----Original Message-----
From: Aaron [mailto:agflem@yahoo.ca] 
Sent: Thursday, August 19, 2004 9:31 AM
Cc: firewalls@securityfocus.com
Subject: PIX Questions

1. The PIX 506E scans for 55 known attacks, what are they? 
Also, does it scan for other 'threats'? Should there be 
another device in use for IDS aside from the PIX?

2. I would like to use the PDM, however I can not download it 
from Cisco. The PIX IOS is 6.3, but I'm not sure what else I 
need to take advantage of the web based interface.

Cheers
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PIX Questions, Oguzhan AKYUZ
Next by Date:  Re: PIX - VPN with IPSec, Qv6
Previous by Thread:  Re: PIX Questions, Oguzhan AKYUZ
Next by Thread:  Re: PIX Questions, Aaron
Indexes:  [Date] [Thread] [Top] [All Lists]