Hello everyone:
I am adressing you in search of a little bit of your wisdom and
kindness to get me out of a big problem. You'll see, I think that my
router ( cisco 2511 ) has been compromised.
I have a few ACL aplied to the serial0 (for incoming
packets) and the eth0 (for outgoing packets ), but after two or three
days, I noticed that the matches for the access-lists were not increasing,
you know, frequently I telnet to my router and check out the access-lists
and I see no difference in the number of matches for a particular
access-list,( also I am monitoring constantly the access-list activity at
my admin terminal) what I still do not understand is how can I see an
access-list that is supossed to be still attached to serial0
interface with no increase in the matches number specially since it is the
one that checks every incoming packet from the outside ? Then what I did
was reinstall the access-list , and the number of matches inmediately
started to increase by the second ( which is normally what should be
happening ) but after a while the same thing happened. What do you suggest
me to do, I mean , How can I check the integrity of my router and how can
secure it more. Any leads to where I can find any information or direct
help will be deeply appreciated.
Regards,
*******************************************************************************
Ing. Gerardo Soto Casados
Compu-Redes
Labastida # 37 Esq. Tijuana
San Martin Texmelucan Puebla
Tel. y Fax (012)4845888
e-mail: [EMAIL PROTECTED]
http://www.compu-redes.net.mx
*******************************************************************************
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
