Chapter 9. Attack Guards and Intrusion Detection

Chapter 9. Attack Guards and Intrusion Detection

Terms you'll need to understand:

  • Attack guards

  • Fragmentation guard

  • Mail Guard

  • Embryonic connections

  • TCP intercept

  • Signatures

  • False positives

  • Shunning

Techniques you'll need to master:

  • Setting embryonic connections

  • Setting IP audits to an interface

  • Configuring the Mail Guard feature

  • Disabling signatures

In addition to ACL filtering and application inspection, the PIX firewall has attack guards and intrusion detection built in to protect against access and denial-of-service (DoS) attacks. Attack guards help prevent penetration and DoS attacks from taking advantage of basic security threats such as weaknesses and security holes found in commonly used applications. Intrusion detection techniques are used by the PIX firewall to monitor and shun possible attacks by reviewing the IP signatures that pass through the device. This chapter reviews these features within the PIX firewall products.

CSPFA Exam Cram 2 (Exam 642-521)
CCSP CSPFA Exam Cram 2 (Exam Cram 642-521)
ISBN: 0789730235
EAN: 2147483647
Year: 2003
Pages: 218 © 2008-2017.
If you may any questions please contact us: