Thx everybody.
Well, I was being attacked, but the PIX was always UP (int outside & inside),
the problem was one port of my switch.
I apologize about my mistake.
BTH, I will prepare one document about indicent response and recovery.
So much thx.
Sam James wrote:
> For you and anyone else who needs to know:
>
> As always, the best place to send questions and reports about possible
> vulnerabilities in any Cisco product is to the Cisco Product Security
> Incident Response Team, <[EMAIL PROTECTED]>. You can read about us at
> <http://www.cisco.com/warp/public/707/sec_incident_response.shtml>.
>
> report that to cisco Javier, and im sure they will be quite willing to help
> you.
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Javier Romero
> > Sent: Tuesday, September 21, 1999 5:32 AM
> > To: [EMAIL PROTECTED]
> > Subject: PIX 520 - Very Important
> >
> >
> > Hi folks!
> >
> > Wow... I have a really big problem.
> > Well... Since yesterday I am being attack by spoofing. Their request go
> > to my DNS Server (sometimes to port 137 - Well, I think that attacker
> > know that my DNS Server is Microsoft).
> > Attacker accomplish to reset my PIX Firewall II Series (520). Maybe my
> > firewall dont support a lot of request (all denny).
> > I think that attacker to try predicting how many time delay my firewall
> > in reset.
> >
> > In this point, I would like if u know any exploit or any holes when the
> > PIX firewall must be start up.
> >
> > TIA.
> >
> > _7av1Ch0.
> >
> > Please, I need your help, quickly
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
