Tuesday, June 9, 2015

Network Security Attacks and Defence

Network security

Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.



Types of attacks include:


Active

      1.  Denial-of-service attack (DoS)

      2.  Spoofing

      3.  Man in the middle

      4.  ARP poisoning
      5.  DNS Spoofing

      6.  Smurf attack

      7.  Buffer overflow

      8.  Heap overflow

      9.  Format string attack

      10.  SQL injection
      11. Cyber attack

 Passive
      1. Network

             a. Wiretapping

             b. Port scanner

             c. Idle scan
 

Denial-of-Service Attack (DoS)

 Denial of Service (DoS) attacks are among the most feared threats in today's cybersecurity landscape. Difficult to defend against and potentially costly, DoS attacks can cause outages of web sites and network services for organizations large and small. DoS attacks can also be lucrative for criminals, some of whom use these attacks to shake down businesses for anywhere from thousands to millions of dollars. 

 DoS attack is used as a distraction to funnel attention and resources away while a targeted breach attack is being launched. Anonymous used that technique in a major 2011 attack that ultimately led to the theft of over 12 million customers' credit card data.



 DoS vs DDoS


 The most easily executed type of DoS attack is one that is launched from a single origin. In this attack, a single machine somewhere on the Internet issues a barrage of network requests against a targeted victim machine. The requests themselves can take a variety of forms – for example, an  attack might use ICMP Flooding via ping requests, or HTTP requests against a web server.

In a DDoS attack, the incoming traffic flooding the victim originates from many different sources – potentially hundreds of thousands or more. This effectively makes it impossible to stop the attack simply by blocking a single IP address; plus, it is very difficult to distinguish legitimate user traffic from attack traffic when spread across so many points of origin.

How a Denial of Service Attack Works

The simple approach to DOS is to flood a server with a large amount of pointless traffic. This gives the server far too much to deal with. Bandwidth escalates, memory is exhausted and ordinary users can’t get a connection to the server.
But actually maxing out a server can be quite difficult, even with a large number of computers opening up as many connections as they can. As such, attackers have come up with a way to magnify the effect by using fake IP addresses.
Using fake IPs, the same process can be carried out by one computer, a botnet that’s controlled by one master or, as with Operation Payback, a group of people working together.
Here’s what happens.

  1. The attacking machine sends a SYN packet to the server. However, it makes it appear to come from somewhere else.
  2. The server then responds with a SYN/ACK packet, but there’s no response – the sender address was fake.
  3. The server continues to wait for a reply, keeping the connection open and in its memory until it times out.
The server keeps a bunch of useless connections open, losing more and more memory to the attack and eventually becoming crippled.
The strategy is actually fairly successful. It has slowed or crashed some prominent sites.
However, companies have become wise to DDOS attacks and have begun to take some precautions.

Risks Associated with Denial of Service Attacks

Denial of Service attacks are centered around the concept that by overloading a target’s resources, the system will ultimately crash. In the case of a DoS attack against a web application, the software is overloaded by the attack and the application fails to serve web pages properly. To crash a web server running an application, a DoS threat attacks the following services:

  • Network bandwidth
  • Server memory
  • Application exception handling mechanism
  • CPU usage
  • Hard disk space
  • Database space
  • Database connection pool

Can a DDoS be stopped ?

Let's start with the bad news: It is very difficult to defend against a sophisticated DDoS attack launched by a determined adversary.

There are several ways to defend against a DDOS attack. None can guarantee prevention, but the website owner does have options:

  1. Filtering: Routers at the edge of the network can be trained to spot and drop DDOS connections, preventing them from slowing the network or the server.
  2. Moving: If the attack is pointed at a specific IP address, the site’s IP can be changed. This is what the White House did before a nasty computer virus tried to DDOS its site.
  3. Blackholing: A host may simply “blackhole” a site that is being DDOSed, directing all traffic to it to an address that doesn’t exist. This is normally a last resort.
In addition, many companies sell anti-DDOS applications that detect and block attacks.
The only sure-fire way to end a DDOS attack is to wait it out. Most attacks don’t last very long because those with botnets don’t wish to expose their network for too long, and group attacks can’t hold their cohesion forever. Though it may take a few days, the attack will cease of its own accord.
 

Spoofing

A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread maleware or bypass access controls. There are several different types of spoofing attacks that malicious parties can use to accomplish this. Some of the most common methods include IP address spoofing attacks, ARP spoofing attacks and DNS server spoofing attacks.



ARP Spoofing/ Poisoning

 ARP Spoofing/ Poisoning is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.
ARP spoofing may allow an attacker to intercept data frames on a LAN, modify the traffic, or stop the traffic altogether. Often the attack is used as an opening for other attacks, such as denial of service, man in the middle, or session hijacking attacks.
The attack can only be used on networks that make use of the Address Resolution Protocol (ARP), and is limited to local network segments.



DNS Server Spoofing Attacks

The Domain Name System (DNS) is a system that associates domain names with IP addresses. Devices that connect to the internet or other private networks rely on the DNS for resolving URLs, email addresses and other human-readable domain names into their corresponding IP addresses. In a DNS server spoofing attack, a malicious party modifies the DNS server in order to reroute a specific domain name to a different IP address. In many cases, the new IP address will be for a server that is actually controlled by the attacker and contains files infected with malware. DNS server spoofing attacks are often used to spread computer worms and viruses.

Spoofing Attack Prevention and Mitigation

There are many tools and practices that organizations can employ to reduce the threat of spoofing attacks. Common measures that organizations can take for spoofing attack prevention include:

  • Packet filtering: Packet filters inspect packets as they are transmitted across a network. Packet filters are useful in IP address spoofing attack prevention because they are capable of filtering out and blocking packets with conflicting source address information (packets from outside the network that show source addresses from inside the network and vice-versa).
  • Avoid trust relationships: Organizations should develop protocols that rely on trust relationships as little as possible. It is significantly easier for attackers to run spoofing attacks when trust relationships are in place because trust relationships only use IP addresses for authentication.
  • Use spoofing detection software: There are many programs available that help organizations detect spoofing attacks, particularly ARP spoofing. These programs work by inspecting and certifying data before it is transmitted and blocking data that appears to be spoofed.
  • Use cryptographic network protocols: Transport Layer Security (TLS), Secure Shell (SSH), HTTP Secure (HTTPS) and other secure communications protocols bolster spoofing attack prevention efforts by encrypting data before it is sent and authenticating data as it is received.






Man in the Middle

In cryptography and computer security, the man-in-the-middle attack (often abbreviated to MITM, MitM, MIM, MiM or MITMA) requires an attacker to have the ability to both monitor and alter or inject messages into a communication channel. One example is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle.


 As an attack that aims at circumventing mutual authentication, or lack thereof, a man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to their satisfaction as expected from the legitimate other end. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, TLS can authenticate one or both parties using a mutually trusted certification authority.

Smurf Attack

 The Smurf Attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP Broadcast address. Most devices on a network will, by default, respond to this by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim's computer will be flooded with traffic. This can slow down the victim's computer to the point where it becomes impossible to work on.



 Buffer Overflow

 In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety.
Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program operates. This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. Thus, they are the basis of many software vulnerabilities and can be maliciously exploited.




 Programming languages commonly associated with buffer overflows include C and C++, which provide no built-in protection against accessing or overwriting data in any part of memory and do not automatically check that data written to an array (the built-in buffer type) is within the boundaries of that array. Bounds checking can prevent buffer overflows.

Exploitation


  1. Stack-based exploitation
  2. Heap-based exploitation
  3. Barriers to exploitation
  4. Practicalities of exploitation
         => NOP sled technique,
         => The jump to address stored in a register technique

Protective Countermeasures


  1. Choice of programming language
  2. Use of safe libraries
  3. Buffer overflow protection
  4. Pointer protection
  5. Executable space protection
  6. Address space layout randomization
  7. Deep packet inspection

 Heap Overflow 

 A heap overflow is a type of buffer overflow that occurs in the heap data area. Heap overflows are exploitable in a different manner to that of stack-based overflows. Memory on the heap is dynamically allocated by the application at run-time and typically contains program data. Exploitation is performed by corrupting this data in specific ways to cause the application to overwrite internal structures such as linked list pointers. The canonical heap overflow technique overwrites dynamic memory allocation linkage (such as malloc meta data) and uses the resulting pointer exchange to overwrite a program function pointer.


Format String Attack

Uncontrolled format string is a type of software vulnerability, discovered around 1999, that can be used in security exploits. Previously thought harmless, format string exploits can be used to crash a program or to execute harmful code. The problem stems from the use of unchecked user input as the format string parameter in certain C functions that perform formatting, such as “printf()”. A malicious user may use the “%s”  & “%x” format tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the “%n” format token, which commands “printf()” and similar functions to write the number of bytes formatted to an address stored on the stack.

SQL Injection

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

In a 2012 study, security company Imperva observed that the average web application received 4 attack campaigns per month, and retailers received twice as many attacks as other industries.

Technical Implementations


  1. Incorrectly filtered escape characters
  2. Incorrect type handling
  3. Blind SQL injection
  4. Conditional responses
  5. Second Order SQL Injection

Mitigation


  1. Parameterized statements
  2. Enforcement at the coding level
  3. Escaping
  4. Pattern check
  5. Database permissions

 Cyber Attack

Cyber-attack is any type of offensive maneuver employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system. These can be labelled as either a Cyber campaign, cyber-warfare or cyber-terrorism in different context. Cyber-attacks can range from installing spyware on a PC to attempts to destroy the infrastructure of entire nations. Cyber-attacks have become increasingly sophisticated and dangerous as the Stuxnet worm recently demonstrated.



 cyber attack prevention

  • Never click on links in emails. If you do think the email is legitimate, whether from a third party retailer or primary retailer, go to the site and log on directly. Whatever notification or service offering was referenced in the email, if valid, will be available via regular log on.
  • Never open the attachments. Typically, retailers will not send emails with attachments. If there is any doubt, contact the retailer directly and ask whether the email with the attachment was sent from them.
  • Do not give out personal information over the phone or in an email unless completely sure. Social engineering is a process of deceiving individuals into providing personal information to seemingly trusted agents who turn out to be malicious actors. If contacted over the phone by someone claiming to be a retailer or collection agency, do not give out your personal information. Ask them to provide you their name and a call-back number. Just because they may have some of your information does not mean they are legitimate!
Other practical tips to protect yourself from cyber attacks:
  • Set secure passwords and don't share them with anyone. Avoid using common words, phrases, or personal information and update regularly.
  • Keep your operating system, browser, anti-virus and other critical software up to date. Security updates and patches are available for free from major companies.
  • Verify the authenticity of requests from companies or individuals by contacting them directly. If you are asked to provide personal information via email, you can independently contact the company directly to verify this request.
  • Pay close attention to website URLs. Pay attention to the URLs of websites you visit. Malicious websites sometimes use a variation in common spelling or a different domain (for example, .com instead of .net) to deceive unsuspecting computer users.
  • For e-Mail, turn off the option to automatically download attachments.
  • Be suspicious of unknown links or requests sent through email or text message. Do not click on unknown links or answer strange questions sent to your mobile device, regardless of who the sender appears to be.

Wiretapping

Telephone tapping (also wire tapping or wiretapping in American English) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The wire tap received its name because, historically, the monitoring connection was an actual electrical tap on the telephone line. Legal wiretapping by a government agency is also called lawful interception. Passive wiretapping monitors or records the traffic, while active wiretapping alters or otherwise affects it.  

 Port scanner

A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it.

 A port scan or port scan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However the majority of uses of a port scan are not attacks and are simple probes to determine services available on a remote machine.





To portsweep is to scan multiple hosts for a specific listening port. The latter is typically used to search for a specific service, for example, an SQL-based computer worm may portsweep looking for hosts listening on TCP port 1433.


Types

  1. TCP scanning
  2. SYN scanning
  3. UDP scanning
  4. ACK scanning
  5. Window scanning
  6. FIN scanning
  7. Other scan types

 Idle Scan

The idle scan is a TCP port scan method that consists of sending spoofed packets to a computer to find out what services are available. This is accomplished by impersonating another computer called a "zombie" (that is not transmitting or receiving information) and observing the behavior of the ''zombie'' system.


 

Overall Defense against Network Attack

Configuration Management


The main weapon in network attack defense is tight configuration management. The following measures should be strictly implemented as part of configuration management.

• If the machines in your network should be running up-to-date copies of the operating system and they are immediately updated whenever a new service pack or patch is released.

• All your configuration files in your Operating Systems or Applications should have enough security.

• All the default passwords in your Operating Systems or Applications should be changed after the installation.

• You should implement tight security for root/Administrator passwords.
 

Firewalls


Another weapon for defense against network attack is Firewall. Firewall is a device and/or a sotware that stands between a local network and the Internet, and filters traffic that might be harmful. Firewalls can be classified in to four based on whether they filter at the IP packet level, at the TCP session level, at the application level or hybrid.

1. Packet Filtering: Packet filtering firewalls are functioning at the IP packet level. Packet filtering firewalls filters packets based on addresses and port number. Packet filtering firewalls can be used as a weapon in network attack defense against Denial of Service (DoS) attacks and IP Spoofing attacks.

2. Circuit Gateways: Circuit gateways firewalls operate at the transport layer, which means that they can reassemble, examine or block all the packets in a TCP or UDP connection. Circuit gateway firewalls can also Virtual Private Network (VPN) over the Internet by doing encryption from firewall to firewall.

3. Application Proxies: Application proxy-based firewalls function at the application level. At this level, you can block or control traffic generated by applications. Application Proxies can provide very comprehensive protection against a wide range of threats.

4. Hybrid: A hybrid firewall may consist of a pocket filtering combined with an application proxy firewall, or a circuit gateway combined with an application proxy firewall.
 

Encryption


Encryption is another great weapon used in defense against network attacks. Click the following link to get a basic idea of encryption.

Encryption can provide protection against eavesdropping and sniffer attacks. Private Key Infrastructure (PKI) Technologies, Internet Protocol Security (IPSec), and Virtual Private Networks (VPN) when implemented properly, can secure you network against network attacks.

Other tips for defense against network attack are

• Privilege escalation at different levels and strict password policies

• Tight physical security for all your machines, especially servers.

• Tight physical security and isolation for your back up data.
Posted by at No comments:
Labels:

Saturday, June 6, 2015

Cisco ASA Firewall Setup Wizard

Cisco ASA

ASA in Cisco ASA stands for Adaptive Security Appliance.

In brief, Cisco ASA is a  security device that combines firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities.  It provides proactive threat defense that stops attacks before they spread through the network. Indeed, it's the whole package, so to speak.

An ASA is valuable and flexible in that it can be used as a security solution for both small and large networks.
Beyond being a firewall, the Cisco ASA can do the following and more:
  • antivirus

  • antispam

  • IDS/IPS engine

  • VPN device

  • SSL device

  • content inspection

  

Cisco ASA Set-up Wizard

After you are connected to your Cisco ASA Firewall, you'll have to decide whether to use the startup wizard or use a different configuration methods. The introduction page will appear and which allows you to make a decision. Because you need to have Java installed on your PC.
you have three choices here:
  • Install ASDM Launcher and Run Cisco Adaptive Security Device Manager (ASDM): Installs the ASDM on your computer. If this is the computer you will always use to perform your management, this method makes the most sense.
  • Run ASDM: This option uses Java Web Start to launch the ASDM tool directly from the copy installed on the ASA. This is beneficial if you are not at your normal computer because you do not install any software.
  • Run Start-up Wizard: This option also uses Java Web Start to launch ASDM, with one exception; after the ASDM has launched, the Start-up Wizard runs automatically.




To perform the network configuration of the ASA, the following process walks you through the Startup Wizard:
  1. Click the Run Start-up Wizard button on the introduction page.

    You receive a warning related to the security settings on Java.

  2. If you are sure that you are connected to the correct device on the network and not some fake device trying to collect your credentials, dismiss the warning message.

    Because you expect this message from the ASDM, continue to the website. The Cisco ASDM Launcher dialog box appears.

  3. If you have an enable password, but no actual users, skip the Username field, fill in the enable password in the Password field, and click OK.

    If you have already created an administrative user, provide the username and password in the appropriate fields.


     The Starting Point page appears.


    4. Select one of the following, based on whether you are setting up the ASA initially or    whether you are using setup to change an existing ASA installation:
  • Modify Existing Configuration: You can choose to modify the existing configuration.

  • Reset Configuration to Factory Defaults: With the exception of the management interface, modify the default configuration. As it turns out, a lot of small networks out there require only simple changes to their configuration, and as such, re-running the Start-up Wizard is the easiest way to make these changes.


 5. Click the Next button.

     The Basic Configuration page, appears with two optional items which you can choose to do.

 6. (Optional) Select from the following items:
  • Configure the Device for Teleworker Usage: This option supports teleworkers or remote workers via a virtual private network (VPN). If you select this option, you are presented with an extra page of questions for the Easy VPN Remote Configuration near the end of the Startup Wizard.

    On this page, you can also tell the Startup Wizard the name of the firewall device, such as ASAFirewall1, and the domain name to which the device belongs, such as edtetz.net.

  • Change Privileged Mode (Enable) Password: If you are not happy with your current enable password, change it here before you complete this step of the Start-up Wizard.
    
      11. Click the Next button. 
           The Interface IP Address Configuration page appears.
      12. Assign IP configuration for each of your IP addresses.
 
For your outside address, you can manually assign an address, which is not uncommon for business Internet connections. If your Internet connection supports either Dynamic Host Configuration Protocol (DHCP) or Point-to-Point Protocol over Ethernet (PPPOE), select the appropriate option.

If you use DHCP, tell your ASA to use the default gateway it receives from DHCP as the system-wide default gateway for this device. If you choose not to use the system-wide default gateway option, you need to configure a manual route through ASDM or the route outside 0 0 <IP address of gateway> at the command-line interface (CLI).



     13. Click the Next button.
 
           The DHCP Server page appears. For small businesses or regional offices, the ASA may represent the only real device on the network other than printers and computers. You may have these locations set up without any local servers onsite.

     14. (Optional) Select the Enable DHCP Server on the Inside Interface check box to have the ASA act as a DHCP server for this network segment.

     15. (Optional) Select the Enable Auto-Configuration from Interface check box so that you can copy most of these settings from an existing interface.

Enabling the Auto-Configuration check box is very useful for Domain Name System (DNS) and Windows Internet Name Service (WINS) server addresses that are constantly being used on all network segments and may all be the same for the organization.

     16. Configure or change any of the missing information in the following:
  • Starting IP Address: The first address to be handed out in the DHCP range.

  • Ending IP Address: The last address to be handed out in the DHCP range.

  • DNS servers 1 and 2: The DNS servers that are handed out to DHCP clients.

  • WINS servers 1 and 2: The WINS servers that are handed out to DHCP clients.

  • Lease Length: The lease length determines when DHCP clients are required to renew their leases on the DHCP supplied addresses.

  • Ping Timeout: The Ping Timeout setting is used by the DHCP server because it pings each address that it is ready to give, prior to assigning the address, to verify that the address is not in use. This reduces the chance of duplicate IP addresses being created on the network.

  • Domain Name: The domain name of the DHCP client belongs to.



       17. Click the Next button.

            The Address Translation (NAT/PAT) page appears.

      18. Set up Network Address Translation or Port Address Translation.
            Choose from the available address translation methods:
  • Use Port Address Translation (PAT): Most small offices, which use only one public IP address on their Internet connection, use PAT on their connection. PAT can use a specific address or the main address from their outside VLAN interfaces. PAT allows an entire office to share (or translate to) a single external IP address for Internet access.

  • Use Network Address Translation (NAT): Selecting NAT puts one-to-one mapping (or translation) between internal and external IP addresses, so you can specify a range of addresses to use on the outside VLAN interface.

    If you use ASA internally on your network (for example, to protect a server subnet), you may want to select the Enable Traffic through the Firewall Without Address Translation radio button if you use public addresses on your internal network (not likely) or if you use the ASA as firewall on the interior of your network.


      19. Click the Next button.
            
           The Administrative Access page appears.

      20. Set what systems on your network can connect to your ASA to perform management or configuration changes.
 
       Use the following process to add new management interfaces. If you want to use ASDM, you need to select the Enable HTTP Server for HTTPS/ASDM Access check box, whereas the Enable ASDM History Metrics check box saves usage data regarding accessing the ASDM interface.

       In the command line setup, you only have the option to ASDM connections to be made from a single computer. This page allows you to specify additional systems that can perform management of your ASA and the type of connection they make to perform that configuration.
If you add a new management option, the Add Administrative Access Entry dialog box appears. Select your desired options to create the new Administrative Access entry:
  1. Choose HTTP (ASDM), SSH, or Telnet from the Access Type drop-down list.

  2. Choose Inside from the Interface Name drop-down list.

    Inside is typically the most secure interface option, but in some cases, such as if you need to be able to conduct remote administration over the Outside interface, you should be very restrictive in the address from which the administration is performed.

  3. Specify either a specific address from which administration is performed in the IP Address text box or give a network range defined by either an IP address or a Network ID from the Subnet Mask drop-down list.

    Remember, the more restrictive you can be with this configuration, the more secure your ASA is.
  4. Click OK.

    You return to the Administrative Access page.
If you allow your firewall to be administered from the outside interface, you leave yourself open to potentially being compromised by someone you do not know.


      21. Click the Next button.
 
            The summary page of the configuration Start-up Wizard appears, providing a summary of the configuration that you have applied to the system. All these configuration changes are written into the running configuration on the ASA. After the configuration changes are made, you see the standard ASA ASDM management screen. From this interface you can
  • Perform any other configuration changes.

  • Relaunch the Startup Wizard or other wizards.

  • Perform basic monitoring of the ASA via the home page.

  • Perform more detailed monitoring of the ASA and connections that it hosts through the Monitoring pages.

  • Run additional management and troubleshooting tools.

  • Save the current configuration to flash memory.





BGP is a complex, advanced distance Exterior Gateway Protocol (EGP), BGP exchange routing information between Autonomous Systems ( - See more at: http://orbit-computer-solutions.com/BGP.php#sthash.4FLPX5lf.dpuf
BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)