I have used the embryonic connections option in the conduit statement.
And I use it only when I think that I am under a DoS attack against my
servers.
But I would like to know if somebody here knows what the number of embryonic
connections is which stops a Windows NT.
I am not sure if the number is 5 (according to my IDIC from SANS).
Regards,
kefan
>Hi Rob,
>
>Generally the default timeout values should be fine. These are *idle*
>timeout values, so if the connection is completed normally, the connection
>slot on the PIX is deleted and cannot be re-used in a continuation or
>spoofing attempt.
>
>Hope that helps,
>
>Lisa Napier
>Product Security Incident Response Team
>Cisco Systems
>http://www.cisco.com/warp/public/707/sec_incident_response.shtml
>
>
>
>At 12:44 PM 08/02/2000 -0400, Rob Serfozo wrote:
>>I have a Pix 515 and was wondering if anyone using a Pix had suggestions
>>on the timeout settings. Do you just leave the Xlate, conn, and other to
>>their default? Or would it be a better security policy to lower these
>>timeouts?
>>
>>Thanks,
>>Rob Serfozo
>>
>>
>>-
>>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>>"unsubscribe firewalls" in the body of the message.]