[prev in list] [next in list] [prev in thread] [next in thread]
List: sidewinder
Subject: [Sidewinder] RE: Sidewinder digest, Vol 1 #112 - 3 msgs
From: "Rodriguez Michael TSgt AFCA/GCF" <Michael.Rodriguez-02 () scott ! af ! mil>
Date: 2002-01-17 7:35:07
[Download RAW message or body]
If you can access the system with Secure Shell, look and modify the the
appropriate rule (Secure Cobra rule)in the ACL using the cf command to
trouble shoot and resolve.
'rz'
-----Original Message-----
From: sidewinder-request@adeptech.com
To: sidewinder@adeptech.com
Sent: 1/16/02 11:02 AM
Subject: Sidewinder digest, Vol 1 #112 - 3 msgs
Send Sidewinder mailing list submissions to
sidewinder@adeptech.com
To subscribe or unsubscribe via the World Wide Web, visit
http://mail.adeptech.com/mailman/listinfo/sidewinder
or, via email, send a message with subject or body 'help' to
sidewinder-request@adeptech.com
You can reach the person managing the list at
sidewinder-admin@adeptech.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Sidewinder digest..."
Today's Topics:
1. Re: Evaluating the configuration
(Jeffery.Gieser@minnesotamutual.com)
2. Error accessing Secure Cobra (Cody Steve Civ USCENTAF NOSC-D)
3. Error accessing Secure Cobra (Miles Standish)
--__--__--
Message: 1
To: Sidewinder@adeptech.com
Subject: Re: [Sidewinder] Evaluating the configuration
From: Jeffery.Gieser@minnesotamutual.com
Date: Tue, 15 Jan 2002 12:21:25 -0600
This is a multipart message in MIME format.
--=_alternative 0064D66C86256B42_=
Content-Type: text/plain; charset="us-ascii"
Jerry,
There is no "best practices" document put out by Secure
Computing
but the company doing the Common Criteria testing will be putting one
out
when they finish. It will be for Sidewinder V5.2. Our audit department
has a firewall audit checklist but it doesn't get into any Sidewinder
specific stuff and they are unaware of any audit sites that have
information that directly pertains to the Sidewinder. It sounds like
you
have plenty of audit knowledge. If you have any Sidewinder specific
questions like how to read a "cf acl query", I would be more than happy
to
help.
Regards,
Jeffery Gieser
--=_alternative 0064D66C86256B42_=
Content-Type: text/html; charset="us-ascii"
<br><font size=2 face="sans-serif">Jerry,</font>
<br>
<br><font size=2 face="sans-serif"> There is
no "best practices" document put out by Secure Computing but
the company doing the Common Criteria testing will be putting one out
when they finish. It will be for Sidewinder V5.2. Our audit
department has a firewall audit checklist but it doesn't get into any
Sidewinder specific stuff and they are unaware of any audit sites that
have information that directly pertains to the Sidewinder. It
sounds like you have plenty of audit knowledge. If you have any
Sidewinder specific questions like how to read a "cf acl
query", I would be more than happy to help.</font>
<br>
<br><font size=2 face="sans-serif">Regards,</font>
<br><font size=2 face="sans-serif">Jeffery Gieser</font>
<br>
--=_alternative 0064D66C86256B42_=--
--__--__--
Message: 2
From: Cody Steve Civ USCENTAF NOSC-D <cody.steve@noscd.centaf.af.mil>
To: "'sidewinder@adeptech.com'" <sidewinder@adeptech.com>
Date: Wed, 16 Jan 2002 08:16:10 -0000
Subject: [Sidewinder] Error accessing Secure Cobra
I am having a problem accessing Secure Cobra remotely on a couple of our
Sidewinder 5.2 firewalls. The only change that was made to the firewall
was
a change to the Secure Cobra ACL to specify a group of source addresses
(a
subnet) instead of allowing all.
Now, we're getting this error when attempting to connect to the primary.
We
can successfully connect to the secondary (slave) firewall via Secure
Cobra.
User 'myusername' and authmethod 'Password' are not valid.
We are able to access the Primary firewall via SSH, so we can do
anything at
the command line that is necessary. We do not have physical access to
the
machine.
I suspect something has changed with the valid authentication methods
for
Secure Cobra. I'd like to know what conf file specifies this
information.
Any help?
Thanks!
Steve Cody, Civ.
USCENTAF NOSC-D
L3/EER Contractor
DSN - 312.965.1488
Commercial - 803.895.1488
--__--__--
Message: 3
From: "Miles Standish" <mimics_clone@hotmail.com>
To: sidewinder@adeptech.com
Subject: [Sidewinder] Error accessing Secure Cobra
Date: Wed, 16 Jan 2002 15:09:22 +0000
There is not a specific configuration file that can be accessed by the
command line directly that contains the acl information. To modify acls
from the command line I usually do something similar to:
# Dump the acls.
cf acl q > out
# Backup just in case
cp out out.bak
# Modify
vi out
# Clean up
cf acl pu table='*'
# Install new policy
cf -f out
_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com
--__--__--
_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
End of Sidewinder Digest
_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic