nanog mailing list archives
Re: your mail
From: "Stephen Sprunk" <ssprunk () cisco com>
Date: Wed, 22 Sep 1999 10:38:30 -0500
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t5/iosfw2/iosfw2_2.htm#xtocid1359543

SMTP Messages

CBAC detects and blocks SMTP attacks (illegal SMTP commands) and notifies you when SMTP attacks occur. Error messages such as the following may indicate that an SMTP attack has occurred:

    %FW-4-SMTP_INVALID_COMMAND: Invalid SMTP command from initiator (192.168.12.3:52419)

Looks like it does do that after all...

IOS FW also monitors HTTP, CU-SeeMe, FTP, H.323, NetShow, r-commands, RealAudio, Sun RPC, SQL*Net, StreamWorks, TFTP, VDOLive, and generic TCP/UDP sessions in addition to SMTP. It also protects against fragment attacks, SYN attacks, ACK attacks, and bogus TCP sequence numbers.

Randy:

    ip inspect name firewall smtp

S

Stephen Sprunk, K5SSS, CCIE#3723
Network Consulting Engineer
Cisco NSA
Dallas, Texas, USA
e-mail:ssprunk () cisco com
Pager: +1 800 365-4578
Empowering the Internet Generation

----- Original Message -----
From: Alex P. Rudnev
To: Gerry McDonald
Cc: nanog () merit edu
Sent: Wednesday, September 22, 1999 5:37
Subject: Re: your mail

Get IOS FireWall Feature set, router with the 2 LAN and 2 WAN interfaces, and say _get away_ to the hw vendors.

No doubt, it's possible to enter into IOS if you did not install access lists on the VTY, keep some extra services working (such as router-based WWW) and so on; but it does not depend on the firewalls at all...

And - if you don't need session-level firewall (with the analysis of SMTP content for example) IOS FW feature set is a very effective solution.

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line), (+7 095) 230-41-41, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
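An added example, not part of the original messages or of Cisco's documentation: one way to triage the %FW-4-SMTP_INVALID_COMMAND alert quoted above by counting alerts per initiator in collected router syslog. The syslog timestamp prefix, the 192.0.2.x hosts, the threshold and the function names are assumptions made for illustration.

```python
import re
from collections import Counter

# Matches the alert format quoted in the post; any syslog prefix before '%' is ignored.
ALERT = re.compile(
    r"%FW-(?P<sev>\d)-SMTP_INVALID_COMMAND: Invalid SMTP command "
    r"from initiator \((?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d{1,5})\)"
)

def parse_alert(line):
    """Return (ip, port) for an SMTP_INVALID_COMMAND alert, else None."""
    m = ALERT.search(line)
    if not m:
        return None
    ip, port = m.group("ip"), int(m.group("port"))
    # Reject values that fit the pattern but are not a valid address or port.
    if any(int(o) > 255 for o in ip.split(".")) or not 0 < port <= 65535:
        return None
    return ip, port

def initiators_over_threshold(lines, threshold=2):
    """Count alerts per initiator IP; return those at or above threshold."""
    counts = Counter()
    for line in lines:
        hit = parse_alert(line)
        if hit:
            counts[hit[0]] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}

# Constructed sample log: timestamps and all hosts except 192.168.12.3 are made up.
SAMPLE = """\
Sep 22 10:01:02: %FW-4-SMTP_INVALID_COMMAND: Invalid SMTP command from initiator (192.168.12.3:52419)
Sep 22 10:01:05: %LINK-3-UPDOWN: Interface Serial0, changed state to up
Sep 22 10:01:09: %FW-4-SMTP_INVALID_COMMAND: Invalid SMTP command from initiator (192.168.12.3:52420)
Sep 22 10:02:11: %FW-4-SMTP_INVALID_COMMAND: Invalid SMTP command from initiator (192.0.2.77:40001)
Sep 22 10:02:30: %FW-4-SMTP_INVALID_COMMAND: Invalid SMTP command from initiator (999.1.1.1:25)
""".splitlines()

if __name__ == "__main__":
    for ip, n in sorted(initiators_over_threshold(SAMPLE).items()):
        print(f"{ip}: {n} invalid SMTP commands")
```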