Re: [OSL | CCIE_Security] Flags - sh conn - ASA

[Tyson Scott]

Kings,

 

Can you resend the picture.  I already deleted it.  Sorry.

 

Regards,

 

Tyson Scott - CCIE #13513 R&S, Security, and SP

Managing Partner / Sr. Instructor - IPexpert, Inc.

Mailto:  <mailto:tsc...@ipexpert.com> tsc...@ipexpert.com

Telephone: +1.810.326.1444, ext. 208

Live Assistance, Please visit:  <http://www.ipexpert.com/chat>
www.ipexpert.com/chat

eFax: +1.810.454.0130

 

IPexpert is a premier provider of Self-Study Workbooks, Video on Demand,
Audio Tools, Online Hardware Rental and Classroom Training for the Cisco
CCIE (R&S, Voice, Security & Service Provider) certification(s) with
training locations throughout the United States, Europe, South Asia and
Australia. Be sure to visit our online communities at
<http://www.ipexpert.com/communities> www.ipexpert.com/communities and our
public website at  <http://www.ipexpert.com/> www.ipexpert.com

 

From: Kingsley Charles [mailto:kingsley.char...@gmail.com] 
Sent: Thursday, June 03, 2010 11:13 AM
To: Tyson Scott
Cc: ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] Flags - sh conn - ASA

 

Yes, Tyson even I used the same criteria of looking into "B". But I am
confused.

In each O/P, on the left side the column is "TCP Flags" and right colum is
"FW flags". Not getting what the exhibit is trying to convey.
Can you please explain what the exhibit is about?


With regards
Kings

On Thu, Jun 3, 2010 at 7:39 PM, Tyson Scott <tsc...@ipexpert.com> wrote:

I don't think it is asking to get the output looking like that it is just
giving you the relevant data.  It also is not output from a single packet it
is from the entire communication not just the initial packet. 2 is A and 1
is B right. As B is initial SYN from outside

 

Regards,

 

Tyson Scott - CCIE #13513 R&S, Security, and SP

Managing Partner / Sr. Instructor - IPexpert, Inc.

Mailto: tsc...@ipexpert.com

Telephone: +1.810.326.1444, ext. 208

Live Assistance, Please visit: www.ipexpert.com/chat

eFax: +1.810.454.0130

 

IPexpert is a premier provider of Self-Study Workbooks, Video on Demand,
Audio Tools, Online Hardware Rental and Classroom Training for the Cisco
CCIE (R&S, Voice, Security & Service Provider) certification(s) with
training locations throughout the United States, Europe, South Asia and
Australia. Be sure to visit our online communities at
www.ipexpert.com/communities and our public website at www.ipexpert.com
<http://www.ipexpert.com/> 

 

From: Kingsley Charles [mailto:kingsley.char...@gmail.com] 
Sent: Thursday, June 03, 2010 9:54 AM
To: Tyson Scott
Cc: ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] Flags - sh conn - ASA

 

Actually, I meant the IPS section of the flash card :-)

Attached the screenshot

With regards
Kings

On Thu, Jun 3, 2010 at 7:15 PM, Tyson Scott <tsc...@ipexpert.com> wrote:

You said it is for the IPS module right?  Do you have an IPS module

 

Regards,

 

Tyson Scott - CCIE #13513 R&S, Security, and SP

Managing Partner / Sr. Instructor - IPexpert, Inc.

Mailto: tsc...@ipexpert.com

Telephone: +1.810.326.1444, ext. 208

Live Assistance, Please visit: www.ipexpert.com/chat

eFax: +1.810.454.0130

 

IPexpert is a premier provider of Self-Study Workbooks, Video on Demand,
Audio Tools, Online Hardware Rental and Classroom Training for the Cisco
CCIE (R&S, Voice, Security & Service Provider) certification(s) with
training locations throughout the United States, Europe, South Asia and
Australia. Be sure to visit our online communities at
www.ipexpert.com/communities and our public website at www.ipexpert.com
<http://www.ipexpert.com/> 

 

From: ccie_security-boun...@onlinestudylist.com
[mailto:ccie_security-boun...@onlinestudylist.com] On Behalf Of Kingsley
Charles
Sent: Thursday, June 03, 2010 9:06 AM
To: ccie_security@onlinestudylist.com
Subject: [OSL | CCIE_Security] Flags - sh conn - ASA

 

Hi 

Flash card - IPS module - 25th question. There is screenshot of sh conn
flags and it asks to map which is inbound and outbound. 
Can someone explain that screenshot. I am not able to get that king of O/P
with sh conn options. 

This is what I get in my ASA.

ciscoasa(config)# sh conn detail
1 in use, 2 most used
Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN,
       B - initial SYN from outside, b - TCP state-bypass or nailed, C -
CTIQBE
media,
       D - DNS, d - dump, E - outside back connection, F - outside FIN, f -
insi
de FIN,
       G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data,
       i - incomplete, J - GTP, j - GTP data, K - GTP t3-response
       k - Skinny media, M - SMTP data, m - SIP media, n - GUP
       O - outbound data, P - inside back connection, p - Phone-proxy TFTP
conne
ction,
       q - SQL*Net data, R - outside acknowledged FIN,
       R - UDP SUNRPC, r - inside acknowledged FIN, S - awaiting inside SYN,
       s - awaiting outside SYN, T - SIP, t - SIP transient, U - up,
       V - VPN orphan, W - WAAS,
       X - inspected by service module
TCP outside:10.20.30.40/23 inside:10.20.30.42/20257,
    flags UIO, idle 13m35s, uptime 13m42s, timeout 1h0m, bytes 158




With regards
Kings

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 9.0.819 / Virus Database: 271.1.1/2914 - Release Date: 06/03/10
02:25:00

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 9.0.819 / Virus Database: 271.1.1/2914 - Release Date: 06/03/10
02:25:00

 


_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com