From: Tarek Sabry (tsabry@xxxxxxxxxxxxxxxxxxx)
Date: Wed May 22 2002 - 11:45:57 GMT-3
That's what I would think based on the info you are giving here. I think if
you have FW IOS you can also use something like Context-Based Access Lists.
I never used them, but I heard that they are also a powerful tool.
Tarek
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
CCIE-Maillist
Sent: Wednesday, May 22, 2002 9:10 AM
To: ccielab@groupstudy.com
Subject: tcp intercept
I am trying to configure tcp intercept but don't have any practical
experience
with it. If a lab says that you are getting a lot of rogue packets and to
configure it such that hosts can get through every one and a half minutes,
no
matter how many rogue packets you are getting- which setting do you set for
the 1.5 minutes?
I am looking on the webpage-
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsec
u
r_c/ftrafwl/scfdenl.htm
My guess is to set the watch timeout but can someone who has experience
confirm whether or not that is correct?
Thanks,
David
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:04 GMT-3