I was very excited when FirePOWER 6.0 came out with support for Adaptive Security Device Manager (ASDM). ASDM complements CLI greatly on ASA from the configuration, management, and troubleshooting perspective so I was expecting the same for FirePOWER. Components: Cisco FirePOWER: 6.0 Take note of the following requirements and limitations: …
Category: Cisco
In Part 2 “Envelope Sender” field was used to match trusted 3rd party domains, but what if that field was also spoofed or did not have sender domain information needed to allow these messages. Below we see an email that came in from the domain “rrd.com” with spoofed “from” and …
As you start blocking spoofed emails based on configuration from the previous post you may need to make a few adjustments to your Incoming Content Filter. One of the them is to change final action for spoofed email from Drop and Discard to Quarantine. This may be needed to store …
Recently there’s been an increase in e-mail scams in which the attacker spoofs a message from the C-Level executive and tricks someone at the organization into wiring funds to the schemers. FBI alert and this article go in a lot of details about this attack. My post will be about …
Recently due to several issues I had with Sourcefire 6.0 code, I went through downgrade exercise taking it back down to version 5.4. With Sourcefire, there is no simple way to roll back from one version to another. Configuration backup helps with Defense Center however Sensors can not be rolled back to the previous …