About Carlos Castillo

Carlos Castillo · 07-09-2009

Is there a way to write a custom signature that looks for a IP address making rapid connection attempts to an IPSec termination device trying to brute force a pre-shared key? Would this be something the Anomaly Detection engine would detect?

Carlos Castillo · 06-12-2009

What's invalid about the DHCP packet? Cisco doesn't explain what the signature looks at to determine that the DHCP packet is invalid.

Carlos Castillo · 01-06-2010

Luis,Try disabling all of the TCP Drop (1330) signatures on the IPS. These signatures look at the packet headers and drop all packets that do not meet RFC specifications.1330-0: TCP packet has bad checksum. This signature will not produce an alert in...

Member Since	‎06-12-2009 11:28 AM
Date Last Visited	‎08-18-2017 03:55 AM
Posts	3

User Statistics

User Activity

Custom Signature Question

Signature 4619 "Invalid DHCP Packet"

Re: Problems trying to download from the web