Solved

IDS on PIX 506e

Posted on 2006-10-26
6
295 Views
Last Modified: 2013-11-16
Dear Experts

We have the following commands on our PIX 506e FW

logging on
logging timestamp
logging trap informational
logging host inside 192.168.1.7
<snip>
ip audit info action alarm
ip audit attack action alarm

In order to check for Intrusion Detection, can anyone tell me what I should be looking for on the Kiwi Syslog server?

Thx
0
Comment
Question by:Dilan77
  • 4
  • 2
6 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17812115
PIX 506E do not have IDS inbuilt into it. Can't do! Only higher end models.

Cheers,
Rajesh
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17812133
On the other hand if you want to look at normal firewall actions, this will help you get acquainted with PIX messages;

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a00800891ec.html#25608

Cheers,
Rajesh
0
 
LVL 2

Author Comment

by:Dilan77
ID: 17812159
That's weird....there is an IDS section on the PDM! It's set to log events.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 32

Expert Comment

by:rsivanandan
ID: 17812215
Yeah, it is a Java Client and common for all, but this Model doesn't have it. If you go for Integrated devices (ASA 5xxx series), only those have IDS functionality.

Right now, Cisco has only 3 platforms for IDS/IPS;

1. IOS IPS -> On a router

2. Firewall IPS -> On ASA Series

3. IDS Appliance -> 4200 series appliances.

Cheers,
Rajesh
0
 
LVL 2

Author Comment

by:Dilan77
ID: 17812438
Ok, thanks Rajesh....
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17813204
No Problem.

Cheers,
Rajesh
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Watchguard Firewall Setup 3 29
Cisco Routing with 2 ISP connection 5 47
Root STP in Cisco switch maintenance 2 19
Access List 4 10
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now