From: Serge N'GBESSO (sergeng@yahoo.fr)
Date: Fri Dec 09 2005 - 09:37:28 GMT-3
01>Router >> match Ftp traffic w/ only tcp/21
02>PIX>>inbound traffic other than TCP&UDP must be explicitely permitted, ICMP, ESP ...
03>Router>>IPSec between Router/Client must have authorizaton set to build the tunnel 04>Router>>"ip inspect name FW-O smtp" always need "ip inspect name FW-O tcp" ??
Serge N'GBESSO <sergeng@yahoo.fr> a icrit :
Date: Fri, 9 Dec 2005 12:52:05 +0100 (CET)
De: "Serge N'GBESSO" <sergeng@yahoo.fr>
Objet: Non-conventional implicit rules !!!
@: ccielab@groupstudy.com
Correct me if i'm wrong.
=>Router >> match Ftp traffic w/ only tcp/21
=>PIX>>inbound traffic other than TCP&UDP must be explicitely permitted, ICMP, ESP ...
=>Router>>IPSec between Router/Client must have authorizaton set to build the tunnel
=>Router>>"ip inspect name FW-O smtp" always need "ip inspect name FW-O tcp"
Please comment and add thx.
Serge R. N'GBESSO
serge.ngbesso@bnpparibas.com
Security Consultant
CCDA, CCSP, CCIE:Security,
Certified Etichal Hacker.
www.1000club.com/club/japon/
---------------------------------
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Tilichargez le ici !
This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3