Re: Cisco Adaptive Security Appliance goes beyond blocking ports. Is that a Microsoft-only defense?

On Mar 2, 12:20 pm, "Ramon F Herrera" <r..._at_conexus.net> wrote:
> I recently installed my first Cisco ASA-5500 security box. It is a
> very impressive piece of equipment, with a bewildering array of
> capabilities. The feature that find most intriguing is that it goes
> above (in the ISO/OSI sense) the IP, TCP and UDP layers, presumably
> inspecting whether a message or packet contains a virus or other
> malware.
>
> What I would like to clarify, because is a matter of dispute among
> some colleagues, is exactly what applications and operating systems
> are being inspected. My buddies claim (more like a wild or hopeful
> guess) that not only is port 1521 of an Oracle server blocked but the
> ASA knows about Oracle exploits, and similarly it can check for
> weaknesses on behalf of Linux or other Unixes. I find that very hard
> to believe, and my counterclaim is that only Windows or other
> Microsoft products have reached a level of disseminated infections to
> grant the depth of attention by the security software.
>
> Comments?
>
> -Ramon F Herrera

Looking at the data sheets, it just looks like it uses typical trend micro stuff to look for malware. If they can point to something that specifically mentions Oracle, let us know.

Most of us don't even use port 1521 anymore.

Be afraid:
http://www.securiteam.com/securitynews/6N00D1FEKE.html http://www.cisco.com/en/US/products/products_security_advisory09186a00806e9b6f.shtml

Hey, maybe that means they do know what to look for!

jg

--
@home.com is bogus.
Burn me once, shame on you.  Burn me twice, shame on me.  Burn me
enough times you have to reformat the output for number of times
burnt, shame on Microsoft!