Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-19 Thread Kingsley Charles
*Subject:* Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks ** ** Hi Anthony. Mentioning ip virtual-reassembly as a part of CBAC/ZBF, did you actually test this as a standalone feature or did you always use it as a part of your CBAC/ZBF configuration? Cheers

Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-19 Thread Johan Bornman
Thanks, Kings. From: Kingsley Charles [mailto:kingsley.char...@gmail.com] Sent: 19 June 2012 08:41 AM To: Johan Bornman Cc: Anthony Sequeira; alexei...@gmail.com; CCIE Security Subject: Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks Use the following logic with CBAC

Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-19 Thread Eugene Pefti
Bornman Cc: CCIE Security Subject: Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks Use the following logic with CBAC ip inspect name fw fragment maximum - for outbound ip virtual-reassembly - for inbound With regards Kings On Tue, Jun 19, 2012 at 9:10 AM, Johan Bornman jo

Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-18 Thread Anthony Sequeira
I did not test standalone and saw no documentation that led me to believe it would work standalone. From: Alexei Monastyrnyi [mailto:alexei...@gmail.com] Sent: Monday, June 18, 2012 7:55 AM To: Anthony Sequeira Cc: CCIE Security Subject: Re: [OSL | CCIE_Security] Protecting Against Fragmentation

Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-18 Thread Alexei Monastyrnyi
Hi Anthony. Mentioning ip virtual-reassembly as a part of CBAC/ZBF, did you actually test this as a standalone feature or did you always use it as a part of your CBAC/ZBF configuration? Cheers A. On 6/18/2012 12:22 PM, Anthony Sequeira wrote: Here is a post I did today on this topic.

Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-18 Thread Johan Bornman
| CCIE_Security] Protecting Against Fragmentation Attacks Hi Anthony. Mentioning ip virtual-reassembly as a part of CBAC/ZBF, did you actually test this as a standalone feature or did you always use it as a part of your CBAC/ZBF configuration? Cheers A. On 6/18/2012 12:22 PM, Anthony Sequeira wrote

[OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-17 Thread Anthony Sequeira
Here is a post I did today on this topic. http://blog.ipexpert.com/2012/06/17/ccie-security-challenge-–-day-22-of-120-–-fragment-attacks/ See anything I am missing? Thanks in advance! ___ For more information regarding industry leading CCIE Lab

Re: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks

2012-06-17 Thread Mike Rojas
I like it, Very useful, although I dont know why the title Day 21 Time-Based ACLs on IOS and ASA ;) From: anthony.seque...@stormwind.com To: ccie_security@onlinestudylist.com Date: Mon, 18 Jun 2012 02:22:25 + Subject: [OSL | CCIE_Security] Protecting Against Fragmentation Attacks