Hi all, Answers below:
From: Todd Suiter Date: Wed Sep 12 20:19:02 2001
I'm hearing rumors of problems with the 515 series PIX:
'...that in some cases Cisco has opted to replace customers' 515 Pixes with 520's at no charge because the 515 in some cases accepts packets with spoofed source addresses that it should be able to reject.'
This is untrue.
has anyone heard of this? Far as I know the sw is the same, but hw is different.
The hardware is different - that's why there are different product numbers - however the difference is in processing power and speed. Currently on the PIX, the anti-spoofing checks are all done in SOFTWARE, so anti-spoofing will be consistent across all hardware platforms. Hope that helps, Lisa Napier Product Security Incident Response Team Cisco Systems http://www.cisco.com/warp/public/707/sec_incident_response.shtml PGP: A671 782D 2926 B489 F81A 3D5E B72F E407 B72C AF1F ID: 0xB72CAF1F, DH/DSS 2048/1024
participants (1)
-
Lisa Napier