subject:"Denial of service attack prevention \[7\:19568\]"

RE: Denial of service attack prevention [7:19568]

2001-09-14 Thread Haydn Solomon


That's some really good information. I'll definitely have to look into
taking some of these measures. You can never be too secure. If I find
any other strategies on the router side I'll post it. Thanks a lot guys.

-- Haydn

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Brian Whalen
Sent: Thursday, September 13, 2001 3:01 PM
To: [EMAIL PROTECTED]
Subject: Re: Denial of service attack prevention [7:19568]

Heres a good solaris security article, likey applicable to other nixes..

http://www.samag.com/articles/2000/0013/0013c/0013c.htm

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 13 Sep 2001, MADMAN wrote:

> I don't know what else on the router you could do but there are things
> you can do on your host but not being a sys admin I can't get into
> details.  Check this out:
>
> http://www.cisco.com/warp/public/707/4.html
>
>   Dave
>
> Haydn Solomon wrote:
> >
> > Actually I was asking what OTHER means than tcp intercept there was
> > because we don't have the version that supports it. Can you answer
that?
> > I know that our version doesn't cause I checked with the "?" feature
and
> > the option isn't there. In any case here is a copy of the sh ver.
> >
> > Cisco Internetwork Operating System Software
> > IOS (tm) RSP Software (RSP-ISV-M), Version 12.0(15), RELEASE
SOFTWARE
> > (fc1)
> > Copyright (c) 1986-2000 by cisco Systems, Inc.
> > Compiled Wed 27-Dec-00 13:54 by linda
> > Image text-base: 0x60010930, data-base: 0x60C46000
> >
> > ROM: System Bootstrap, Version 11.1(8)CA1, EARLY DEPLOYMENT RELEASE
> > SOFTWARE (fc1)
> > BOOTFLASH: GS Software (RSP-BOOT-M), Version 11.1(22)CA, EARLY
> > DEPLOYMENT RELEASE SOFTWARE (fc1)
> >
> > -- Haydn
> >
> > -Original Message-
> > From: MADMAN [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, September 12, 2001 11:05 AM
> > To: Haydn Solomon
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Denial of service attack prevention [7:19568]
> >
> >   send a sh ver of your router, not all platforms support TCP
Intercept.
> >
> >   Dave
> >
> > Haydn Solomon wrote:
> > >
> > > Hi all,
> > >
> > > I was recently reading an article on ciscos site about strategies
for
> > > preventing denial of service attacks. They mentioned the ip
intercept
> > > configuration feature for IOS version 11.3. However our routers
are
> > > running version 12.0 and doesnt have that feature. Does anyone
out
> > > there know what other effective strategies can be used to prevent
this
> > > kind of attack on IOS versions other than 11.3? Any input will be
> > > appreciated, thanks.
> > >
> > > -Haydn
> > --
> > David Madland
> > Sr. Network Engineer
> > CCIE# 2016
> > Qwest Communications Int. Inc.
> > [EMAIL PROTECTED]
> > 612-664-3367
> >
> > "Emotion should reflect reason not guide it"
> >
> > _
> > Do You Yahoo!?
> > Get your free @yahoo.com address at http://mail.yahoo.com
>
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19929&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Denial of service attack prevention [7:19568]

2001-09-13 Thread Brian Whalen


Heres a good solaris security article, likey applicable to other nixes..

http://www.samag.com/articles/2000/0013/0013c/0013c.htm

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 13 Sep 2001, MADMAN wrote:

> I don't know what else on the router you could do but there are things
> you can do on your host but not being a sys admin I can't get into
> details.  Check this out:
>
> http://www.cisco.com/warp/public/707/4.html
>
>   Dave
>
> Haydn Solomon wrote:
> >
> > Actually I was asking what OTHER means than tcp intercept there was
> > because we don't have the version that supports it. Can you answer that?
> > I know that our version doesn't cause I checked with the "?" feature and
> > the option isn't there. In any case here is a copy of the sh ver.
> >
> > Cisco Internetwork Operating System Software
> > IOS (tm) RSP Software (RSP-ISV-M), Version 12.0(15), RELEASE SOFTWARE
> > (fc1)
> > Copyright (c) 1986-2000 by cisco Systems, Inc.
> > Compiled Wed 27-Dec-00 13:54 by linda
> > Image text-base: 0x60010930, data-base: 0x60C46000
> >
> > ROM: System Bootstrap, Version 11.1(8)CA1, EARLY DEPLOYMENT RELEASE
> > SOFTWARE (fc1)
> > BOOTFLASH: GS Software (RSP-BOOT-M), Version 11.1(22)CA, EARLY
> > DEPLOYMENT RELEASE SOFTWARE (fc1)
> >
> > -- Haydn
> >
> > -Original Message-----
> > From: MADMAN [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, September 12, 2001 11:05 AM
> > To: Haydn Solomon
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Denial of service attack prevention [7:19568]
> >
> >   send a sh ver of your router, not all platforms support TCP Intercept.
> >
> >   Dave
> >
> > Haydn Solomon wrote:
> > >
> > > Hi all,
> > >
> > > I was recently reading an article on ciscos site about strategies for
> > > preventing denial of service attacks. They mentioned the ip intercept
> > > configuration feature for IOS version 11.3. However our routers are
> > > running version 12.0 and doesnt have that feature. Does anyone out
> > > there know what other effective strategies can be used to prevent this
> > > kind of attack on IOS versions other than 11.3? Any input will be
> > > appreciated, thanks.
> > >
> > > -Haydn
> > --
> > David Madland
> > Sr. Network Engineer
> > CCIE# 2016
> > Qwest Communications Int. Inc.
> > [EMAIL PROTECTED]
> > 612-664-3367
> >
> > "Emotion should reflect reason not guide it"
> >
> > _
> > Do You Yahoo!?
> > Get your free @yahoo.com address at http://mail.yahoo.com
>
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19824&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Denial of service attack prevention [7:19568]

2001-09-13 Thread MADMAN


I don't know what else on the router you could do but there are things
you can do on your host but not being a sys admin I can't get into
details.  Check this out:

http://www.cisco.com/warp/public/707/4.html

  Dave

Haydn Solomon wrote:
> 
> Actually I was asking what OTHER means than tcp intercept there was
> because we don't have the version that supports it. Can you answer that?
> I know that our version doesn't cause I checked with the "?" feature and
> the option isn't there. In any case here is a copy of the sh ver.
> 
> Cisco Internetwork Operating System Software
> IOS (tm) RSP Software (RSP-ISV-M), Version 12.0(15), RELEASE SOFTWARE
> (fc1)
> Copyright (c) 1986-2000 by cisco Systems, Inc.
> Compiled Wed 27-Dec-00 13:54 by linda
> Image text-base: 0x60010930, data-base: 0x60C46000
> 
> ROM: System Bootstrap, Version 11.1(8)CA1, EARLY DEPLOYMENT RELEASE
> SOFTWARE (fc1)
> BOOTFLASH: GS Software (RSP-BOOT-M), Version 11.1(22)CA, EARLY
> DEPLOYMENT RELEASE SOFTWARE (fc1)
> 
> -- Haydn
> 
> -Original Message-
> From: MADMAN [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 12, 2001 11:05 AM
> To: Haydn Solomon
> Cc: [EMAIL PROTECTED]
> Subject: Re: Denial of service attack prevention [7:19568]
> 
>   send a sh ver of your router, not all platforms support TCP Intercept.
> 
>   Dave
> 
> Haydn Solomon wrote:
> >
> > Hi all,
> >
> > I was recently reading an article on ciscos site about strategies for
> > preventing denial of service attacks. They mentioned the ip intercept
> > configuration feature for IOS version 11.3. However our routers are
> > running version 12.0 and doesnt have that feature. Does anyone out
> > there know what other effective strategies can be used to prevent this
> > kind of attack on IOS versions other than 11.3? Any input will be
> > appreciated, thanks.
> >
> > -Haydn
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
> 
> "Emotion should reflect reason not guide it"
> 
> _
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com

-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19773&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Denial of service attack prevention [7:19568]

2001-09-12 Thread Haydn Solomon

Actually I was asking what OTHER means than tcp intercept there was
because we don't have the version that supports it. Can you answer that?
I know that our version doesn't cause I checked with the "?" feature and
the option isn't there. In any case here is a copy of the sh ver.

Cisco Internetwork Operating System Software 
IOS (tm) RSP Software (RSP-ISV-M), Version 12.0(15), RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Wed 27-Dec-00 13:54 by linda
Image text-base: 0x60010930, data-base: 0x60C46000

ROM: System Bootstrap, Version 11.1(8)CA1, EARLY DEPLOYMENT RELEASE
SOFTWARE (fc1)
BOOTFLASH: GS Software (RSP-BOOT-M), Version 11.1(22)CA, EARLY
DEPLOYMENT RELEASE SOFTWARE (fc1)

-- Haydn

-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, September 12, 2001 11:05 AM
To: Haydn Solomon
Cc: [EMAIL PROTECTED]
Subject: Re: Denial of service attack prevention [7:19568]

  send a sh ver of your router, not all platforms support TCP Intercept.

  Dave

Haydn Solomon wrote:
> 
> Hi all,
> 
> I was recently reading an article on ciscos site about strategies for
> preventing denial of service attacks. They mentioned the ip intercept
> configuration feature for IOS version 11.3. However our routers are
> running version 12.0 and doesnt have that feature. Does anyone out
> there know what other effective strategies can be used to prevent this
> kind of attack on IOS versions other than 11.3? Any input will be
> appreciated, thanks.
> 
> -Haydn
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"

_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19719&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Denial of service attack prevention [7:19568]

2001-09-12 Thread Brian


Good way to limit syn floods, nice..

Bri

- Original Message -
From: "Kent Hundley" 
To: 
Sent: Wednesday, September 12, 2001 8:30 AM
Subject: RE: Denial of service attack prevention [7:19568]


> Go to http://www.cisco.com/go/fn and search for "TCP intercept".
>
> HTH,
> Kent
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Haydn Solomon
> Sent: Wednesday, September 12, 2001 7:01 AM
> To: [EMAIL PROTECTED]
> Subject: Denial of service attack prevention [7:19568]
>
>
> Hi all,
>
> I was recently reading an article on ciscos site about strategies for
> preventing denial of service attacks. They mentioned the ip intercept
> configuration feature for IOS version 11.3. However our routers are
> running version 12.0 and doesnt have that feature. Does anyone out
> there know what other effective strategies can be used to prevent this
> kind of attack on IOS versions other than 11.3? Any input will be
> appreciated, thanks.
>
> -Haydn




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19622&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Denial of service attack prevention [7:19568]

2001-09-12 Thread Kent Hundley


Go to http://www.cisco.com/go/fn and search for "TCP intercept".

HTH,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Haydn Solomon
Sent: Wednesday, September 12, 2001 7:01 AM
To: [EMAIL PROTECTED]
Subject: Denial of service attack prevention [7:19568]


Hi all,

I was recently reading an article on ciscos site about strategies for
preventing denial of service attacks. They mentioned the ip intercept
configuration feature for IOS version 11.3. However our routers are
running version 12.0 and doesnt have that feature. Does anyone out
there know what other effective strategies can be used to prevent this
kind of attack on IOS versions other than 11.3? Any input will be
appreciated, thanks.

-Haydn




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19601&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Denial of service attack prevention [7:19568]

2001-09-12 Thread MADMAN


send a sh ver of your router, not all platforms support TCP Intercept.

  Dave

Haydn Solomon wrote:
> 
> Hi all,
> 
> I was recently reading an article on ciscos site about strategies for
> preventing denial of service attacks. They mentioned the ip intercept
> configuration feature for IOS version 11.3. However our routers are
> running version 12.0 and doesnt have that feature. Does anyone out
> there know what other effective strategies can be used to prevent this
> kind of attack on IOS versions other than 11.3? Any input will be
> appreciated, thanks.
> 
> -Haydn
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19595&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Denial of service attack prevention [7:19568]

2001-09-12 Thread Haydn Solomon


Hi all,

I was recently reading an article on ciscos site about strategies for
preventing denial of service attacks. They mentioned the ip intercept
configuration feature for IOS version 11.3. However our routers are
running version 12.0 and doesnt have that feature. Does anyone out
there know what other effective strategies can be used to prevent this
kind of attack on IOS versions other than 11.3? Any input will be
appreciated, thanks.

-Haydn




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19568&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Denial of service attack prevention [7:19568]

Re: Denial of service attack prevention [7:19568]

Re: Denial of service attack prevention [7:19568]

RE: Denial of service attack prevention [7:19568]

Re: Denial of service attack prevention [7:19568]

RE: Denial of service attack prevention [7:19568]

Re: Denial of service attack prevention [7:19568]

Denial of service attack prevention [7:19568]

8 matches

Site Navigation

Mail list logo

Footer information