Re: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

2016-02-15 Thread Adrian M
> mobile: +39 340 4751352 > > fax: +39 045 4850850 > > skype: roberto.taccon > > > > -Messaggio originale- > Da: NANOG [mailto:nanog-boun...@nanog.org] Per conto di Adrian M > Inviato: lunedì 15 febbraio 2016 10.06 > A: nanog@nanog.org > Oggett

Re: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

2016-02-15 Thread Adrian M
oblem: > > https://www.reddit.com/r/networking/comments/433kqx/cisco_asa_not_recording_an_arp_entry/ > > > > On Wed, Feb 10, 2016 at 10:36 PM, Sadiq Saif wrote: > >> Update your ASAs folks, this is a critical one. >> >> >> Forwarded Message --

Re: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

2016-02-12 Thread Marco Teixeira
Hi, First, understand how it's done, then maybe you can think of something. https://blog.exodusintel.com/2016/02/10/firewall-hacking/ If you are stopping IKE with ACL's, you probably need to address NAT-T as well (udp:4500). But if you are doing that, you probably don't need IKE active at the ASA

Re: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

2016-02-11 Thread Dale W. Carder
Thus spake Andrew (Andy) Ashley (andre...@aware.co.th) on Thu, Feb 11, 2016 at 02:35:51PM +: > Is a control-plane ACL to limit isakmp traffic (UDP/500) to an affected ASA > from desired sources enough to mitigate this attack, until upgrades can be > performed? It's worth noting that is not

Re: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

2016-02-11 Thread Andrew (Andy) Ashley
To: "nanog@nanog.org" Subject: Re: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability >Be careful, It appears that something is broken with ARP on this release. >We have no ARP on lan interface, and somebody else has a similar

Re: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

2016-02-11 Thread Adrian M
: > Update your ASAs folks, this is a critical one. > > > Forwarded Message > Subject: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and > IKEv2 Buffer Overflow Vulnerability > Date: Wed, 10 Feb 2016 08:06:51 -0800 > From: Cisco Systems Product Se

Fwd: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

2016-02-10 Thread Sadiq Saif
Update your ASAs folks, this is a critical one. Forwarded Message Subject: [c-nsp] Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability Date: Wed, 10 Feb 2016 08:06:51 -0800 From: Cisco Systems Product Security Incident Response Team Reply

RE: Cisco ASA

2015-09-11 Thread Murat Kaipov
7; Subject: Cisco ASA HI Do you know any seller of Cisco ASA (used and new) please? Please contact me offline. Thank you KARIM M.

Cisco ASA

2015-09-11 Thread A MEKKAOUI
HI Do you know any seller of Cisco ASA (used and new) please? Please contact me offline. Thank you KARIM M.

Re: Cisco ASA SME's

2013-06-11 Thread Phil Fagan
Thank you On Tue, Jun 11, 2013 at 5:42 PM, Dobbins, Roland wrote: > > On Jun 12, 2013, at 6:36 AM, Phil Fagan wrote: > > > Any ASA sme's out there? > > Suggest you check on the cisco-nsp list. > > --- > Roland Dobbins //

Re: Cisco ASA SME's

2013-06-11 Thread Dobbins, Roland
On Jun 12, 2013, at 6:36 AM, Phil Fagan wrote: > Any ASA sme's out there? Suggest you check on the cisco-nsp list. --- Roland Dobbins // Luck is the residue of opportunity and design.

Cisco ASA SME's

2013-06-11 Thread Phil Fagan
Any ASA sme's out there? -- Phil Fagan Denver, CO 970-480-7618

CISCO ASA Botnet Traffic Filter contact off-list

2012-03-13 Thread Jeff Fisher
Hi, Does anyone have a contact at CISCO that deals with their ASA botnet filtering software? I'm having trouble finding out why our network is listed. Thanks, Jeff

Re: Cisco ASA / Comcast SMTP problem workaround

2009-01-18 Thread Suresh Ramasubramanian
Yeah, and that's supposed to support port 587 by default too - like most other webhosting control panel software used on pizzabox installs by lowcost webhosts around the world. Did you try something like, say, telnet localhost 587 and see? --srs On Mon, Jan 19, 2009 at 6:36 AM, wrote: > The Co

Re: Cisco ASA / Comcast SMTP problem workaround

2009-01-18 Thread lorell
The Control Panel is H-Sphere. Quoting Suresh Ramasubramanian : On Mon, Jan 19, 2009 at 6:07 AM, wrote: I have the problem when working out of my house that Comcast will lock down outbound SMTP on the regular ports. This may be due to the kids' computer getting infected with a virus from t

Re: Cisco ASA / Comcast SMTP problem workaround

2009-01-18 Thread Suresh Ramasubramanian
On Mon, Jan 19, 2009 at 6:07 AM, wrote: > I have the problem when working out of my house that Comcast will lock down > outbound SMTP on the regular ports. This may be due to the kids' computer > getting infected with a virus from time to time. That is its own problem > and I want to deal with

Cisco ASA / Comcast SMTP problem workaround

2009-01-18 Thread lorell
. I run my own small hosting company at a colo for a handful of customer domains and several that I own. I have a Cisco ASA 5505 (security plus license) and a pair of mail servers needed for in- and out-bound SMTP. The servers are on private IP addresses behind the ASA which has s