access-list Outside_in extended deny ip host x.x.x.x
my IDS has been reporting PHP-remote code execution on a target webserver (10.y.y.y) from an attacker 123.x.x.x. so I created an access -list as follows:
access-list Outside_in extended deny ip host 123.x.x.x any.
access-group Outside-in applied inbound to the outside interface exist already.
I still continue to receive IDS alerts and the access-list does not register any hitcounts.
I did packet tracer on asdm from attacker's IP (123.x.x.x) to IP of target webserver (10.y.y.y) and the result showed packet was dropped and hitcount on the access-list was registered. So packet tracer's result showed that access-list works and i keep recieving notification on my IDS.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...