From: Muhammad Nasim (muhammad.nasim@gmail.com)
Date: Sat Jun 28 2008 - 16:36:56 ART
Basel it depends on the question
Two examples I can give u
1. Filter or Block MP3 files using file extension . it is quite simple , we
can match extension of the file and block it.
2. To block and filter Embeded MP3 files , for example I want to block users
to access Embeded MP3 files on youtube. we can acheive this via AIC-HTTP
engine but what could the content type ( it is a long story as there is no
standard of it and this content type must be known in advance to block it).
From real world aspect you can block all the content type of MP3 such as
*audio/mpeg* MP3 or other MPEG
*audio/mpeg3*
*audio/mp3*
*audio/x-mpeg-3* # Not a standard MIME type for this content
*audio/x-mp3
and from the exam aspect I am expecting to given the content type so we can
block it
HTH
*
2008/6/28 Ramy Sisy <ramysisy@inspiredmaster.com>:
> Hi Basel,
> It could be TCP with port 80, 443 or 21,20 and matching "MP3" as a string.
> It depends on the question.
>
>
> BEST REGARDS,
>
> RAMY SISY, CCIE X 2 (SECURITY, ROUTING/SWITCHING)#17321, CCSI#30417
> CCIE PROGRAM MANAGER
>
> INSPIRED MASTER
> INSPIRING CREATIVE THINKING ....
>
> WWW.INSPIREDMASTER.COM
> E. RAMYSISY@INSPIREDMASTER.COM
>
>
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Basel Sharif
> Sent: Saturday, June 28, 2008 9:25 AM
> To: 'Scott Morris'; 'ciscosec sec'; ccielab@groupstudy.com;
> security@groupstudy.com
> Subject: RE: doubt with access-list in Firewalls
>
> Dears,
>
> Any idea about how to filter MP3 on IPS? What type of custom signature?
>
>
> Regards,
> Basel
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Scott Morris
> Sent: Saturday, June 28, 2008 3:53 PM
> To: 'ciscosec sec'; ccielab@groupstudy.com; security@groupstudy.com
> Subject: RE: doubt with access-list in Firewalls
>
> From a general security perspective, it's good to be as specific as
> possible. We do this so that in the future, we aren't "surprised" by
> anything coming in!
>
> In the lab, you can always ask the proctor. As long as you are comfortable
> with being more specific with things, it should be easy to work either
> direction!
>
> HTH,
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE-M
> #153, JNCIS-ER, CISSP, et al.
> CCSI/JNCI-M/JNCI-ER
> Senior CCIE Instructor
>
> smorris@internetworkexpert.com
>
>
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
> 24/7 Support: http://forum.internetworkexpert.com
> Live Chat: http://www.internetworkexpert.com/chat/
>
> Knowledge is power.
> Power corrupts.
> Study hard and be Eeeeviiiil......
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> ciscosec sec
> Sent: Saturday, June 28, 2008 4:44 AM
> To: ccielab@groupstudy.com; security@groupstudy.com
> Subject: doubt with access-list in Firewalls
>
> Hello Group,
>
> I just had a doubt. In the labs is it ok to configure the access-list on
> Firewalls with any any.
>
> For eg if i were to configure IPSEC between 2 devices with the Firewall in
> between, can i configure the ASA as follows:
> access-list outside permit esp any any
> access-list outside permit upd any any eq isakmp
>
> or do we need to specify the exact hosts in the access list.
>
> Regards,
> raul
>
> ###########################################
>
> This message has been scanned by F-Secure Anti-Virus for Microsoft
> Exchange.
> For more information, connect to http://www.F-Secure.com/
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
-- Muhammad Nasim Network Engineer Saudi Arabia
This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:23 ART