Home > Cisco > Computer Equipment > Cisco Asdm 7 User Guide

Cisco Asdm 7 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Asdm 7 User Guide. The Cisco manuals for Computer Equipment are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 631

    Page 631 28-7 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 28 Using Protection Tools Configuring IP Audit for Basic IPS Support 1002 400002 IP options-Timestamp Informational Triggers on receipt of an IP datagram where the IP option list for the datagram includes option 4 (Timestamp). 1003 400003 IP options-Security Informational Triggers on receipt of an IP datagram where the IP option list for the datagram includes option 2 (Security options). 1004 400004 IP options-Loose Source... 
     
28-7
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 28      Using Protection Tools
  Configuring IP Audit for Basic IPS Support
1002 400002 IP options-Timestamp Informational Triggers on receipt of an IP datagram where 
the IP option list for the datagram includes 
option 4 (Timestamp).
1003 400003 IP options-Security Informational Triggers on receipt of an IP datagram where 
the IP option list for the datagram includes 
option 2 (Security options).
1004 400004 IP options-Loose Source...

    Page 632

    Page 632 28-8 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 28 Using Protection Tools Configuring IP Audit for Basic IPS Support 2002 400012 ICMP Source Quench Informational Triggers when an IP datagram is received with the protocol field of the IP header set to 1 (ICMP) and the type field in the ICMP header set to 4 (Source Quench). 2003 400013 ICMP Redirect Informational Triggers when a IP datagram is received with the protocol field of the IP header set to 1 (ICMP) and the type... 
     
28-8
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 28      Using Protection Tools
  Configuring IP Audit for Basic IPS Support
2002 400012 ICMP Source Quench Informational Triggers when an IP datagram is received 
with the protocol field of the IP header set to 
1 (ICMP) and the type field in the ICMP 
header set to 4 (Source Quench).
2003 400013 ICMP Redirect Informational Triggers when a IP datagram is received with 
the protocol field of the IP header set to 1 
(ICMP) and the type...

    Page 633

    Page 633 28-9 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 28 Using Protection Tools Configuring IP Audit for Basic IPS Support 2150 400023 Fragmented ICMP Traffic Attack Triggers when a IP datagram is received with the protocol field of the IP header set to 1 (ICMP) and either the more fragments flag is set to 1 (ICMP) or there is an offset indicated in the offset field. 2151 400024 Large ICMP Traffic Attack Triggers when a IP datagram is received with the protocol field of the IP... 
     
28-9
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 28      Using Protection Tools
  Configuring IP Audit for Basic IPS Support
2150 400023 Fragmented ICMP Traffic Attack Triggers when a IP datagram is received with 
the protocol field of the IP header set to 1 
(ICMP) and either the more fragments flag is 
set to 1 (ICMP) or there is an offset indicated 
in the offset field.
2151 400024 Large ICMP Traffic Attack Triggers when a IP datagram is received with 
the protocol field of the IP...

    Page 634

    Page 634 28-10 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 28 Using Protection Tools Configuring IP Audit for Basic IPS Support 6051 400035 DNS Zone Transfer Informational Triggers on normal DNS zone transfers, in which the source port is 53. 6052 400036 DNS Zone Transfer from High Port Informational Triggers on an illegitimate DNS zone transfer, in which the source port is not equal to 53. 6053 400037 DNS Request for All Records Informational Triggers on a DNS request for all... 
     
28-10
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 28      Using Protection Tools
  Configuring IP Audit for Basic IPS Support
6051 400035 DNS Zone Transfer Informational Triggers on normal DNS zone transfers, in 
which the source port is 53.
6052 400036 DNS Zone Transfer from High Port  Informational Triggers on an illegitimate DNS zone transfer, 
in which the source port is not equal to 53.
6053 400037 DNS Request for All Records Informational Triggers on a DNS request for all...

    Page 635

    Page 635 28-11 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 28 Using Protection Tools Configuring IP Audit for Basic IPS Support 6180 400049 rexd (remote execution daemon) AttemptInformational Triggers when a call to the rexd program is made. The remote execution daemon is the server responsible for remote program execution. This may be indicative of an attempt to gain unauthorized access to system resources. 6190 400050 statd Buffer Overflow Attack Triggers when a large statd... 
     
28-11
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 28      Using Protection Tools
  Configuring IP Audit for Basic IPS Support
6180 400049 rexd (remote execution daemon) 
AttemptInformational Triggers when a call to the rexd program is 
made. The remote execution daemon is the 
server responsible for remote program 
execution. This may be indicative of an 
attempt to gain unauthorized access to system 
resources.
6190 400050 statd Buffer Overflow Attack Triggers when a large statd...

    Page 636

    Page 636 28-12 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 28 Using Protection Tools Configuring IP Audit for Basic IPS Support 
     
28-12
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 28      Using Protection Tools
  Configuring IP Audit for Basic IPS Support

    Page 637

    Page 637 CH A P T E R 29-1 Cisco ASA Series Firewall ASDM Configuration Guide 29 Configuring Filtering Services This chapter describes how to use filtering services to provide greater control over traffic passing through the ASA and includes the following sections: Information About Web Traffic Filtering, page 29-1 Configuring Filtering Rules, page 29-6 Filtering the Rule Table, page 29-11 Defining Queries, page 29-12 Filtering URLs and FTP Requests with an External Server, page 29-2 Information About Web... 
    CH A P T E R
 
29-1
Cisco ASA Series Firewall ASDM Configuration Guide
 
29
Configuring Filtering Services
This chapter describes how to use filtering services to provide greater control over traffic passing 
through the ASA and includes the following sections:
Information About Web Traffic Filtering, page 29-1
Configuring Filtering Rules, page 29-6
Filtering the Rule Table, page 29-11
Defining Queries, page 29-12
Filtering URLs and FTP Requests with an External Server, page 29-2 
Information About Web...

    Page 638

    Page 638 29-2 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 29 Configuring Filtering Services Filtering URLs and FTP Requests with an External Server Filtering URLs and FTP Requests with an External Server This section describes how to filter URLs and FTP requests with an external server and includes the following topics: Information About URL Filtering, page 29-2 Licensing Requirements for URL Filtering, page 29-3 Guidelines and Limitations for URL Filtering, page 29-3 Identifying the... 
     
29-2
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 29      Configuring Filtering Services
  Filtering URLs and FTP Requests with an External Server
Filtering URLs and FTP Requests with an External Server
This section describes how to filter URLs and FTP requests with an external server and includes the 
following topics:
Information About URL Filtering, page 29-2
Licensing Requirements for URL Filtering, page 29-3
Guidelines and Limitations for URL Filtering, page 29-3
Identifying the...

    Page 639

    Page 639 29-3 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 29 Configuring Filtering Services Filtering URLs and FTP Requests with an External Server Licensing Requirements for URL Filtering The following table shows the licensing requirements for URL filtering: Guidelines and Limitations for URL Filtering This section includes the guidelines and limitations for this feature. Context Mode Guidelines Supported in single and multiple context mode. Firewall Mode Guidelines Supported in routed... 
     
29-3
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 29      Configuring Filtering Services
  Filtering URLs and FTP Requests with an External Server
Licensing Requirements for URL Filtering
The following table shows the licensing requirements for URL filtering:
Guidelines and Limitations for URL Filtering
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Firewall Mode Guidelines
Supported in routed...

    Page 640

    Page 640 29-4 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 29 Configuring Filtering Services Filtering URLs and FTP Requests with an External Server Enter the number of seconds after which the request to the URL filtering server times out. The default is 30 seconds. In the Protocol area, to specify which TCP version to use to communicate with the URL filtering server, click one of the following radio buttons: –TCP 1 –TCP 4 –UDP 4 Enter the maximum number of TCP connections allowed for... 
     
29-4
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 29      Configuring Filtering Services
  Filtering URLs and FTP Requests with an External Server
Enter the number of seconds after which the request to the URL filtering server times out. The 
default is 30 seconds.
In the Protocol area, to specify which TCP version to use to communicate with the URL filtering 
server, click one of the following radio buttons:
–TCP 1
–TCP 4
–UDP 4
Enter the maximum number of TCP connections allowed for...
    Start reading Cisco Asdm 7 User Guide
    All Cisco manuals