Archives

  • How to Remove an Access-List on a Cisco ASA

    If this is driving you crazy, like it did me, here is how to remove an access-list from a Cisco ASA. Note that you will have to execute these commands from Global Configuration mode. Nothing fancy, but you would logically think no access-list id would work. It doesn’t; you have to use the clear configure access-list command […]

    Sep 6th, 2011 • Filed under ASA, Data Plane Protection, Security
  • Controlling Outbound Telnet Connections from the IOS CLI

    Just about everyone who has ever touched a Cisco IOS router knows that you can secure VTY access to the router by creating an access-list and applying it to all VTY lines with the access-class in command. This would lead one to think that the command access-class out would prevent a user from connecting […]

    Aug 22nd, 2011 • Filed under IOS, Management Plane Protection
  • Test Regular Expression from ASA CLI

    If you happen to be creating regular expressions for use with inspections, they can get a bit confusing, and you should test regular expressions that are to be placed into a production environment. The ASA provides a convenient command to test regular expressions; below is a test of a regular expression used to match .mp3 (and […]

    Aug 11th, 2011 • Filed under ASA
  • Protect a Network from Botnet Traffic using Cisco Botnet Traffic Filter

    Protecting a network from botnet traffic can save the network from the congestion problems that botnet traffic would impose on the company network, prevent the leak of passwords and other sensitive information, and protect against the possible infection of company computers, which would just aid the owners of the botnet. Keeping up-to-date with what traffic is botnet […]

    Aug 7th, 2011 • Filed under ASA, Data Plane Protection, Security
  • Cisco ASA Flag Descriptions

    While trying to remember the connection flags for ASA, I decided to organize them better and post them.

    Flag  Description
    A     Awaiting Inside ACK to SYN
    a     Awaiting Outside ACK to SYN
    B     Initial SYN from Outside
    b     TCP State-Bypass or Nailed
    C     CTIQBE Media
    D     DNS
    d     Dump
    E     Outside Back Connection
    F     Outside […]

    Jul 25th, 2011 • Filed under ASA, Documentation
Archive for the ‘Cisco’ Category