If MTAs are gettings smarter and better each new stable releases, spammers are also keeping up with them. Email spammers tend to undergo adaptive learning process from these commonly laid out standard and advanced email defense and antispam mechanism. If antispam features of MTAs are getting more centralized, effective and efficient, email spammers too are [...]

Core routers and firewall gateways are usually comprised of basic and extended access control lists including rule sets that define local network security level and control access. They are commonly implemented on gateway routers restricting hosts, protocols and port access to other host or networks located after their default gateways. Basically, routers and default gateways [...]

Multiple SSH attacks coming from multiple hosts with multiple connection can bog down even a firewalled SSH server. Minimizing these kind of attacks can lessen SSH brute force attempts and decrease SSH hack attempts at the same time. Here’s a quick entry on how to tweak SSH configuration to limit the maximum number of unauthenticated [...]

File transfers between hosts can be secured by using SSH protocol. Transferring files from current to remote location can easily be done from terminal using the scp linux command. However, it would be more convenient to have those remote folders and files be mounted locally from our own drive and access them locally using a [...]

Complete these steps to configure Secure Shell (SSH) to the PIX Firewall: 1.Before a connection to the PIX is made through SSH, these prerequisites must be met: *The PIX must run version 5.2 or later. *The PIX must have a VPN Data Encryption Standard (DES) license, as indicated in the output of the show version [...]

Yes. To enable the antispoofing feature on the PIX Firewall, issue the ip verify reverse-path interface int_name command. Note: This feature requires that all internal networks have routes to them on the PIX, and that a default route is also set. An example is shown below. ip verify reverse-path interface outside

In order to change the global timeout setting for all connection with the CLI, refer to this command: asa(config)#timeout conn 01:00:00 This command can also change default timeout for several other connections, for example: xlate | conn | udp | icmp | rpc | h225 | h323 | mgcp | mgcp-pat | sip | sip-disconnect [...]

The Dynamic Host Configuration Protocol (DHCP) daemon must be enabled to listen for DHCP client requests. When the PIX Firewall acts as a DHCP server, PIX provides network configuration parameters to DHCP clients. Dynamically assigned IP addresses are an example for network configuration parameters. These configuration parameters provide a DHCP client with the networking parameters [...]

The PIX/ASA can be configured in order to capture packet information like a sniffer that can be later viewed. There are two ways to do this. In order to capture the packets and later download them to view in ethereal (pcap format), complete these steps: Create an access-list in order to match the traffic. Apply [...]

To configure MS-Exchange connectivity through a PIX Firewall, perform the following steps: 1. Create the static translation for the MS-Exchange server inside address so it can be seen by its public routable address from the outside. Traffic received by the PIX on the outside address of the MS-Exchange server is translated by the PIX and [...]

It is a recommended practice to backup the configuration of the PIX Firewall for use in emergencies or for disaster recovery. But, the PIX does not support an external Flash card. The internal Flash does not support the backup of the configuration file. The configuration file must be saved externally. The PIX configuration file can [...]

With PIX/ASA version 7.0 and later, a new feature is introduced that allows the PIX to support hairpinning in a VPN environment. When the PIX/ASA is the hub in a VPN environment, this feature supports spoke-to-spoke VPN communications as it provides the ability for encrypted traffic to enter and leave the same interface. If the [...]

In many cases, it is necessary to block connectivity to Instant Messaging (IM) services, such as AOL Instant Messenger, Yahoo Instant Messenger, and ICQ. In order to accomplish this, block the ports that those clients use. Ports used by IM services are dynamic. You can block the IP addresses and the port numbers used by [...]

There are the two ways to allow traffic to pass through the PIX Firewall without translating the source address: * Issue the no nat command. The nat (inside) 0 0.0.0.0 0.0.0.0 command allows traffic to pass from the inside to the outside without translating the source addresses, but this version of the nat 0 command [...]

The PIX Firewall does not support the initiation of the traceroute command as it is not part of the PIX command set. However, it can be configured to allow traceroute through it. When a traceroute command is issued from the outside, the PIX does not display its own interface IP address nor does it display [...]