Foundation Summary
The "Foundation Summary" provides a convenient review of many key concepts in this chapter. If you are already comfortable with the topics in this chapter, this summary can help you recall a few details. If you just read this chapter, this review should help solidify some key facts. If you are doing your final preparation before the exam, this summary provides a convenient way to review the day before the exam.PIX Firewall Version 6.3 and later support application inspection of the major protocols and applications that provide VoIP services including the following:
Cisco PIX Firewall has built-in features that help it mitigate most known attacks:- DNS Guard DNS queries and responses are torn down as soon as a reply to a DNS query is received, dropping all other responses and averting a DoS attack.
- Mail Guard The fixup protocol smtp command enables the Mail Guard feature, which restricts mail servers to receiving only the seven commands defined in RFC 821 section 4.5.1 ( HELO, MAIL, RCPT, DATA, RSET, NOOP , and QUIT ). All other commands are rejected.
- Flood Defender Protects inside systems from DoS attacks that flood interfaces with half-open TCP (embryonic) connections, otherwise known as SYN flooding.
- AAA Floodguard Monitors and recovers resources tied up in the user authentication (auth) subsystem, averting a DoS attack.
- IP Frag Guard Prevents DoS attacks caused by fragmented IP datagrams overwhelming the hosts.
Cisco PIX Firewall also includes an intrusion detection feature with 53 common attack signatures. PIX Firewall supports both inbound and outbound auditing. When an attack signature is detected, the PIX Firewall can send an alarm, drop the packet, or reset the TCP connection. |
لطفا منتظر باشید ...
