hiya, > What do you suggest > me to do, I mean , How can I check the integrity of my router and how can > secure it more. Any leads to where I can find any information or direct > help will be deeply appreciated. try adding logging statements to the access-lists & send the logs back to a syslog server somewhere within your network. & make sure you're accounting access-violations. examples of cisco config... interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ip access-group 102 in ip access-group 103 out no ip directed-broadcast ip accounting access-violations interface Serial0 ip address 172.16.1.1 255.255.255.0 ip access-group 101 in no ip directed-broadcast ip accounting access-violations logging trap debugging logging facility local3 logging 192.168.50.3 access-list 101 deny ip 172.16.0.0 0.0.255.255 any log access-list 101 deny ip any host 172.16.1.1 log etc... that way you'll see info like the following for those access-lists you log: Mar 4 12:42:31 foo.example.com 5118: %SEC-6-IPACCESSLOGP: list 101 denied udp 172.16.3.2(1680) -> 172.16.1.1(1680), 1 packet for more info on securing cisco routers see: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs003.htm http://www.phrack.com/search.phtml?view&article=p55-10 hope this helps, pauline Pauline van Winsen, Senior Technical Consultant [EMAIL PROTECTED] eServ Pty Ltd http://www.eserv.com.au/people/pauline.html "One important point often overlooked is that colours should be selected so that they will not clash with your own personal colouring. After all, you will be living in the house & each room must provide a suitable background for you." Home decorating - Introduction, Woman's World, circa 1964. - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
