Dear ALL Could you please verify this configuration?? I have problem about How to sent RSKill to switch with seperate to 5 VLAN I know that IDS not support to sent RSKill on VLAN switch but I think it possible ask ISS implementer He told me that if it can route IDS can sent RSKill
Our configuration - switch A and B set to stack - SW1 have 5 VLAN - NS have 3 wire (RSKill , monitor ,management) - RSKill , monitor have been configed to VLAN1 - NS Monitor port can see all traffic on SW A&B - VLAN1 can route to all VLAN Our LAB Test - Set custom policy for block ftp_put - plug notebook in VLAN1 try to use ftp_put and NS can sent RSKill to reset connection - plug notebook in VLAN5 but NS can not sent RSKill Our solution - set up ethereal to sniff traffic on notebook VLAN5 . Then try to ftp again I excite that after verify packet I can see RST flag that sent to reset source(FTP server) and destination(Notebook) with spoof source MAC address and real MAC desitnation address (capture on notebook VLAN5) Our question - NS can sent RST flag with real MAC address notebook but Why it can not reset the connection??? - How to config/place/deploy NS to sent RSKill signal to all VLAN ??? Pramote, KBANK,TH _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
