Never tried but I guess Msg Body Pattern should do it. Please lab it out. With regards Kings
On Sun, Feb 27, 2011 at 10:04 PM, Pemasiri Devanarayana <[email protected]>wrote: > Hi Kings, > > I just need add something more on this question.. if the same signature > want to match any pattern in the url (ie.Bomb) where are we write the > pattern...? > > thanks. > > > 3) when configuring customs signature...and asked that signature should >> protect tunneling over http (such as P2P or instant messaging), do we need >> to configure any additional configuration apart from configuring service >> http type engine matching any patern (using regex) and service-port 80.. >> because still I'm confused how does protect tunneling over http for >> P2P/instant messaging etc. >> > > You should use HTTP AIC engine for this. Create AIC HTTP sig and select sig > type "Define Web Traffic Policy. Then enable "Alarm in non=HTTP Traffic" > > > On Thu, Feb 24, 2011 at 7:49 PM, Pemasiri Devanarayana <[email protected] > > wrote: > >> Thanks a lot King for you time on responding this and clarifying them... I >> will check them and get back to you if any further doubts.. :) >> >> >> On Thu, Feb 24, 2011 at 4:53 AM, Kingsley Charles < >> [email protected]> wrote: >> >>> Comments inline...... >>> >>> With regards >>> Kings >>> >>> On Thu, Feb 24, 2011 at 12:09 AM, Pemasiri Devanarayana < >>> [email protected]> wrote: >>> >>>> Hi All, >>>> >>>> I would appreciate the correct solutions (as expected in the lab >>>> grading) for below points on various sections of the labs. >>>> >>>> 1) if a question asked to authenticate and authorized on particular >>>> telnet connection ie line 1 & 3 and not to authtenticate on line say 5, >>>> will >>>> the following solution is correct (assumed we have already configured aaa) >>>> >>> >>> I guess configuring "transport input telnet" would be required for >>> line 1 and 3. But lIne 1 is aux 0.actually. >>> >>>> >>>> line vty 1 (or 3) >>>> login authentication xxxx (aaa method) >>>> authorization exec xxxx >>>> authorization command xx xxxx >>>> ! >>>> line vty 5 >>>> login authentication yyyy (aaa method, none) >>>> >>>> 2) when configuring IP NBAR do we need to add the following command in >>>> addition service-police under the interface. >>>> interface x/x >>>> ip nbar protocol-discovery >>>> service-policy input <pm-name> >>>> >>>> ip nbar protocol-discovery is not required >>> >>> >>> >>> >>>> 3) when configuring customs signature...and asked that signature should >>>> protect tunneling over http (such as P2P or instant messaging), do we need >>>> to configure any additional configuration apart from configuring service >>>> http type engine matching any patern (using regex) and service-port 80.. >>>> because still I'm confused how does protect tunneling over http for >>>> P2P/instant messaging etc. >>>> >>> >>> You should use HTTP AIC engine for this. Create AIC HTTP sig and select >>> sig type "Define Web Traffic Policy. Then enable "Alarm in non=HTTP >>> Traffic". >>> >>> >>>> >>>> Thanks in advance... >>>> >>>> >>>> >>>> >>> >>> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
