*Subject:* Re: [OSL | CCIE_Security] Protecting Against Fragmentation
Attacks
** **
Hi Anthony.
Mentioning ip virtual-reassembly as a part of CBAC/ZBF, did you actually
test this as a standalone feature or did you always use it as a part of
your CBAC/ZBF configuration?
Cheers
Thanks, Kings.
From: Kingsley Charles [mailto:kingsley.char...@gmail.com]
Sent: 19 June 2012 08:41 AM
To: Johan Bornman
Cc: Anthony Sequeira; alexei...@gmail.com; CCIE Security
Subject: Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks
Use the following logic with CBAC
Bornman
Cc: CCIE Security
Subject: Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks
Use the following logic with CBAC
ip inspect name fw fragment maximum - for outbound
ip virtual-reassembly - for inbound
With regards
Kings
On Tue, Jun 19, 2012 at 9:10 AM, Johan Bornman
jo
I did not test standalone and saw no documentation that led me to believe it
would work standalone.
From: Alexei Monastyrnyi [mailto:alexei...@gmail.com]
Sent: Monday, June 18, 2012 7:55 AM
To: Anthony Sequeira
Cc: CCIE Security
Subject: Re: [OSL | CCIE_Security] Protecting Against Fragmentation
Hi Anthony.
Mentioning ip virtual-reassembly as a part of CBAC/ZBF, did you actually
test this as a standalone feature or did you always use it as a part of
your CBAC/ZBF configuration?
Cheers
A.
On 6/18/2012 12:22 PM, Anthony Sequeira wrote:
Here is a post I did today on this topic.
| CCIE_Security] Protecting Against Fragmentation Attacks
Hi Anthony.
Mentioning ip virtual-reassembly as a part of CBAC/ZBF, did you actually
test this as a standalone feature or did you always use it as a part of your
CBAC/ZBF configuration?
Cheers
A.
On 6/18/2012 12:22 PM, Anthony Sequeira wrote
Here is a post I did today on this topic.
http://blog.ipexpert.com/2012/06/17/ccie-security-challenge-–-day-22-of-120-–-fragment-attacks/
See anything I am missing? Thanks in advance!
___
For more information regarding industry leading CCIE Lab
I like it,
Very useful, although I dont know why the title Day 21 Time-Based ACLs on IOS
and ASA ;)
From: anthony.seque...@stormwind.com
To: ccie_security@onlinestudylist.com
Date: Mon, 18 Jun 2012 02:22:25 +
Subject: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks