Firewall, what's better? ASA or Linux?

Hello, I want to compare two firewall schemes: one with two Linux (Fedora) firewalls (firewall1, DMZ, firewall2) and the other with a Cisco ASA 5500 series (DMZ on a port). What is better for a bank institution?

Willy
That's a bit of a loaded question :-)
There are a number of issues that will help you in the decision
1) Cost - usually top or near the top of the list.
2) Support within company - do you have people within the organisation who can support Linux or support ASA?
3) Support from vendor. Many enterprise environments are still unhappy using a "free" distribution and would be happier and feel more comfortable using a vendor like Cisco. Your organisation may or may not be one of them.
4) Features - what exactly do you need your firewall to do? Not all firewalls are equal. There will be some things the ASA can do well and some things the Linux firewall can do well. You need to draw up a list of all the technical requirements and then match them against the capabilities of the firewalls.
5) Closely tied to 4) is extra capabilities other than just firewalling, i.e. would you like inbuilt IDS/IPS, for example?
6) Performance - how much performance in terms of throughput etc. do you need from your firewall?
Those are some of the more important criteria. There is very rarely a simple "this is better than that" answer. You need to work out your requirements, both technical and non-technical, as per the list above and then decide which one most meets those requirements.
Jon

Similar Messages

  • How do i see what beta ver i'm at - deeper than Help | About Firefox - registry .. ?

    I am enrolled in the beta channel, but because the notification popups are so quick I sometimes do not see that a new beta version is available. I consult filehippo regularly to see what updates are out there, but I want to have a way I can find what beta I'm at - Help|About Firefox doesn't get it - how can I find that? I looked in the registry but haven't found what I want.
    Any ideas?
    ciao
    saw

    I'm not trying to discredit your work. But I did actually read the workaround and it is valid. That is true. But still that's not an answer to my question nor an explanation for that design choice. It's a workaround for a software not displaying the exact version.
    So why not jump in this thread if it exists? Why create a new thread with the same question? Also to apply your logic, why didn't anybody tell the user to use the stable version if he's incapable of figuring out the obvious?

  • What to write in linux to identify the device

    hi!
    As we are writing vfw://0 in Windows to identify the camera, what do we write for Linux?
    Please send an answer immediately.
    Thank you

    mitulmirani wrote:
    I Bought HP g049au from flipkart.com and it was mentioned on the flipkart website to register on HP's website for ADP registration.
    Please tell me what to write in Partner's name in the ADP registration form.
    This is HP user forum not HP support you need to contact that site and ask them where to register at.
    I am a Volunteer to help others on here-not a HP employee.
    Replies aren't online 24/7 because of Time Zone differences.
    Remember in this Day and Age of Computing the Internet is Knowledge at your fingertips if you choose to understand it. -2015-

  • Whats better Retina display or hd super amoled screen (samsung)

    whats better Retina display or hd super amoled screen (samsung)

    Retina display is better. If you put your face straight up to the screen of the iPhone 4, you can't see the pixels.

  • Whats better for college/grad school- ipad 3 with keyboard or mac book air? 11 inch

    whats better for college/grad school- ipad 3 with keyboard or mac book air? 11 inch

    Nobody can tell you which one is best for you, it's a personal preference. However, here are a few factors you might want to take into consideration:
    1-They're two different devices that serve different purposes. The way you take notes in an iPad is different than the way you would on a MBA. On the iPad, with apps like Evernote and Notability you can take more complete notes than with a MBA. You have the option to have audio notes, write with a Stylus, make diagrams by hand to explain/relate concepts easily. With the external keyboard (for that I'd recommend using the Apple Wireless Keyboard with the InCase Origami Workstation) you could type just as fast as you would on a MBA and format the text just like you would on the MBA. However, for bigger (possibly partner) papers, the MBA would help you. You could start the paper on the iPad without any issues (using Pages or even Evernote) but you'd need a laptop/computer to finalize the project.
    2-Portability wise, they're both incredibly light. The iPad is somewhat smaller = lighter but with the keyboard they're about the same. The fact that with the iPad + keyboard combo you can take out the keyboard only when you need it, for me, is an advantage because when I don't want to use it, it's not in the way. For others, it's a disadvantage because you have to carry two items instead of one.
    3-The iPad needs a computer to be updated, synced, etc. So if you don't have one, definitely get the MBA. The MBA can work as a standalone computer. The iPad needs to be synced to an iTunes library in a computer.
    4-MBA lets you access all websites and most file types. If one of your classes requires you to go to the Browser and see a Flash enabled page, the iPad would not be of much help. Same goes for any programs you might need to install. On the MBA you'll most likely be able to do so. On the iPad, chances are there won't be an app for that.
    5-If you already have a MBP or any other laptop, I'd go for the iPad. If/when the iPad falls short(because of the limitations mentioned above) you can use the laptop. And in the mean time, use the iPad for everything else. That way you get the best of both worlds.
    6-Studying (reading, highlighting, annotating) is easier and more intuitive on the iPad. The iPad is great for reading, combine that with the fact that you can leave comments/notes just like you would on a physical piece of paper, and you've got the best way to learn IMO.

  • Whats better: basic config. mbp + 23" display, or 17" mbp

    I am planning on getting a MacBook Pro soon, although I don't know whats better: to get a 15 inch with a 23 inch display or a 17 inch macbook pro without the display.

    Depends on your needs. If you need a big screen on the road and you travel frequently you need the 17". I travel a lot, but the screen real estate is mostly of value at home, where I keep both the MBP and 23" ACD open. Most of my travel is overnight--I am rarely gone for more than 2 days. If I needed to be gone for weeks at a time, the extra real estate would really come in handy.
    I mostly use Office-style apps. If you do other things, like video, and you are on the road for weeks at a time, I suspect the 17" hi-res is the way to go. Otherwise, the 23" ACD is awesome at home!

  • Whats better for the LCD

    Whats better:
    A; opening and closing the display every time i leave the computer, or
    B; just leaving it open?
    Option A. would mean opening and closing the lid about 20 times a day. Would that cause too much wear, or lower the life of the Backlight having it turn on and off all the time like that, or is it worse to just leave it on all the time?

    I leave it open because I have an iSkin keyboard protector! (it is useful) Or, you can tilt it down without actually closing it so the dust doesn't fall directly on your keyboard on screen.
    Set Energy saver at Better Battery Life. I only turn the brightness level from 2 notches to halfway.
    iSkin protector.
    http://www.iskin.com/protouch_PB1.html
    I got it from our campus's computer store so it was cheaper than other store's price.

  • Whats better for my mbp 2013 retina in the long run? Keep it plugged in as much as possible or letting the battery hit 10% and then recharge it?

    Whats better for my mbp 2013 retina in the long run? Keep it plugged in as much as possible or letting the battery hit 10% and then recharge it?

    Odd you ask that, since both are HORRIBLE, ... especially often draining your battery low.
    General consideration of your MacBook battery
    Contrary to popular myths about notebook batteries, there is protection circuitry in your Macbook and therefore you cannot ‘overcharge’ your notebook when plugged in and already fully charged.
    However if you do not plan on using your notebook for several hours, turn it off (plugged in or otherwise), since you do not want your Macbook ‘both always plugged in and in sleep mode’.
    A lot of battery experts call the use of Lithium-Ion cells the "80% Rule", meaning use 80% of the full charge or so, then recharge them for longer overall life. The only quantified damage done in the use of Lithium Ion batteries are instances where the internal notebook battery is “often drained very low”, this is bad general use of your notebook battery.
    A person who has, for example, 300 charge cycles on their battery and is recharging at say 40% remaining of a 100% charge has a better battery condition state than, say, another person who has 300 charge cycles on their battery and is recharging at say 10-15% remaining on a 100% charge. DoD (depth of discharge) is much more important on the wear and tear on your Macbook’s battery than the count of charge cycles. There is no set “mile” or wear from a charge cycle in specific. Frequent high depth of discharge rates (draining the battery very low) on a Lithium battery will hasten the lowering of maximum battery capacity.
    All batteries in any device are a consumable meant to be replaced eventually after much time, even under perfect use conditions.
    If the massive amount of data that exists on lithium batteries were to be condensed into a simplex, helpful, and memorable bit of information it would be:
    1. While realistically a bit impractical during normal everyday use, a lithium battery's longevity and its chemistry's health is most happy swinging back and forth between 20% and 85% charge roughly.
    2. Do not purposefully drain your battery very low (10% and less), and do not keep them charged often or always high (100%).
    3. Lithium batteries do not like the following:
    A: Deep discharges, as meaning roughly 10% or less on a frequent basis.
    B: Rapid discharges as referring to energy intensive gaming on battery on a frequent basis (in which case while gaming, if possible, do same on power rather than battery). This is a minor consideration.
    C: Constant inflation, as meaning always or most often on charge, and certainly not both in sleep mode and on charge always or often.
    From Apple on batteries:
    http://www.apple.com/batteries/notebooks.html
    http://support.apple.com/kb/HT1446
    "Apple does not recommend leaving your portable plugged in all the time."
    Keep it plugged in when near a socket so you keep the charging cycles down on your LiPo (lithium polymer) cells / battery, but not plugged in all the time. When not being used for several hours, turn it off.
    DoD (depth of discharge) is far more important on the wear and tear on your Macbook battery than any mere charge cycle count. *There is no set “mile” or wear from a charge cycle in general OR in specific. As such, contrary to popular conception, counting cycles is not conclusive whatsoever, rather the amount of deep DoD on an averaged scale of its use and charging conditions.
    (as a very rough analogy would be 20,000 hard miles put on a car vs. 80,000 good miles being something similar)
    *Contrary to some myths out there, there is protection circuitry in your Macbook and therefore you cannot overcharge it when plugged in and already fully charged.
    *However if you don’t plan on using it for a few hours, turn it OFF (plugged in or otherwise).
    *You don’t want your Macbook both always plugged in AND in sleep mode. (When portable devices are charging and in the on or sleep position, the current that is drawn through the device is called the parasitic load and will alter the dynamics of charge cycle. Battery manufacturers advise against parasitic loading because it induces mini-cycles.)
    Keeping batteries connected to a charger ensures that periodic "top-ups" do very minor but continuous damage to individual cells, hence Apple's recommendation above: “Apple does not recommend leaving your portable plugged in all the time”, … this is because “Li-ion degrades fastest at high state-of-charge”.
    This is also the same reason new Apple notebooks are packaged with 50% charges and not 100%.
    Contrary to what some might say, Lithium batteries have an "ideal" break in period. First ten cycles or so, don't discharge down past 40% of the battery's capacity. Same way you don’t take a new car out and speed and rev the engine hard first 100 or so miles.
    Proper treatment is still important. Just because LiPo batteries don’t need conditioning in general does NOT mean they don't have an ideal use / recharge environment. Anything can be abused even if it doesn’t need conditioning.
    Storing your MacBook
    If you are going to store your MacBook away for an extended period of time, keep it in a cool location (room temperature roughly 22° C or about 72° F). Make certain you have at least a 50% charge on the internal battery of your Macbook if you plan on storing it away for a few months; recharge your battery to 50% or so every six months roughly if being stored away. If you live in a humid environment, keep your Macbook stored in its zippered case to prevent infiltration of humidity on the internals of your Macbook which could lead to corrosion.
    Considerations:
    Your battery is subject to chemical aging even if not in use. A Lithium battery is aging as soon as it's made, regardless.
    In a perfect (although impractical) situation, your lithium battery is best idealized swinging back and forth between 20 and 85% SOC (state of charge) roughly.
    Further still, how you discharge the battery is far more important than how it is either charged or stored short term, and more important long term than cycle counts.
    Ultimately counting charge cycles is of little importance.  Abuse in discharging (foremost), charging, and storing the battery and how it affects battery chemistry is important and not the ‘odometer’ reading, or cycle counts on the battery. 
    Everything boils down to battery chemistry long term, and not an arbitrary number, or cycle count.
    Keep your macbook plugged in when near a socket since in the near end of long-term life, this is beneficial to the battery.
    In a lithium battery, deep discharges alter the chemistry of the anode to take up lithium ions and slowly damage the battery's capacity for the cathode to transport lithium ions to the anode when charging, thereby reducing max charge levels in mAh. In short, radical swings of power to lithium cells disrupt the chemical ecosystem of the battery to hold charges correctly, which likewise impedes the perfect transfer of lithium ions both in charging and discharging. In charging your lithium battery, lithium ions are “pushed uphill” (hard) to the anode, and discharged “downhill” (easy) to the cathode when on battery power. Deep discharges damage this “upward” electrolyte chemistry for the battery to maintain a healthy charge and discharge balance relative to its age and cycles.
    Optimally, in terms of a healthy lithium battery and its condition, it is most happy at 50% between extremes, which is why low-power-drain processors such as the Haswell are ideal on lithium battery health since a partially charged battery with a low-drain processor has, in general, much more usage in hours.
    Battery calibration, battery memory, battery overcharging, battery training, …all these concepts are mostly holdovers from much older battery technology, and on older Apple portable Macbooks ranging from early nicads, NiMh and otherwise; and these practices do not apply to your lithium battery and its smart controllers.
    Calibrating the battery on older Apple portable Macbooks with removable batteries.
    http://support.apple.com/kb/PH14087
    There is no calibration of current Apple portable Macbooks with built-in batteries.
    http://support.apple.com/kb/ht1490
    There is no battery calibration with current Apple portable Macbooks with built-in batteries. Lithium batteries have essentially a 0-‘memory’, and all such calibration involve the estimations fed to the system controller on the SOC (state of charge) of the battery over long periods of time as the battery degrades. The software based battery controller knows the battery's characteristics, or SOC and adjusts itself. This is why there is both no need and purpose to periodically deeply drain your macbook battery, since it doesn’t affect the characteristics of the battery, and further still deep discharges are something you should not do on purpose to any lithium battery.
    From BASF: How Lithium Batteries work
    https://www.youtube.com/watch?v=2PjyJhe7Q1g
    Peace

  • Whats better for Nano? AAC vs. MPEG3

    Whats better for the iPod nano? AAC format or the MP3 layer format?
    Don't know what's up with them but my MP3s are mostly in 320kbps bitrate.
    Just looking to get the most out of my iPod.

    Theoretically, MP3s and AACs are the same size at the same bitrate. However, many people think a 128 kbps AAC is the same quality as a 192 kbps MP3. Therefore, they take up less space.
    The song estimate for the iPod comes from 4:00 songs with a 128 kbps AAC encoding.
    Here's a good test for you. Make a copy of one of your songs. Then, go to iTunes Preferences. Go to Advanced>Importing, then change the settings to 128 kbps AAC. Then, highlight the duplicate song. Click Advanced (menu at top)>Convert Selection to AAC. Then, take a look at the size of the file, and see if the quality is still acceptable to you. If it's fine, you could do that to your whole library.
    I hope this helps!

  • IOS Firewall vs. ASA

    Is there a document that compares the security functionality and features of the ASA and the IOS firewall? I need to document why I would want to deploy ASAs at branch locations versus the firewall feature set on the WAN routers.

    Hello Sonepar,
    It really depends on the engineer’s viewpoint. Some prefer to have a single device do their routing and their security, while others prefer to have dedicated security devices. This reasoning, however, does not really determine what the “best” solution for your network is.
    One difference is that the IOS router starts out by allowing all traffic [on your untrusted interfaces], whereas the ASA starts by denying all traffic. Consequently you have to configure the actual hardening of your IOS router. I will say the ASA typically offers faster performance, but that’s partially because the ASA is sort of a 1 trick pony and not doing any dynamic routing.
    I think one of the main things to consider is the complexity of VPN features desired. The ASA’s feature set is relatively limited in this respect. If you want to leverage more advanced features like DMVPN or GET VPN, an IOS router is your only option as the firewall does not support those. Of course by default, the ASA performs a little faster on VPN tunnels.
    If you’re looking for an appliance to just do traffic inspection, predominantly for a web DMZ or publicly accessible network, probably the ASA is your best bet. If however you have a highly decentralized -internal- network where branch offices frequently talk to each other, then you would benefit from something like DMVPN, thus your deployment would be greatly simplified using something like a 2800.
    Policy Based Routing on ASA is not supported; since it is a security device, it only routes traffic through one active default gateway and it cannot classify packets based on source/service like a router does.
    In my personal preference, I find myself moving away from the philosophy of this specialized device for routing and this specialized device for security. I prefer to simplify my deployments, and believe me, w/ NAT, VPNs, Firewall, IPS, having an ASA sitting behind your border router… it can add a significant amount of complexity to your design… and ultimately, your troubleshooting.
    Again, in the end it all depends on your company requirements and what you are looking for.
    Regards,
    Juan Lombana
    Please rate helpful posts.

  • How to configure firewall access for ASA 5510

    Hi,
    This is my first time using the Cisco ASA 5500 family. I have a request from a user to create an access rule to allow all LAN traffic to destination IP addresses 165.241.29.17 and 165.241.31.254, with destination TCP ports 5060, 5061, 5070 and UDP ports 50000-52399.
    I want to do this using ASDM. How do I accomplish this?
    Thanks,
    Jojo

    Hey Jojo, I use the ASDM to manage my ASA... so below should get you a general access rule to allow what you need.
    1. Log into your ASA using ASDM. On the top tabs look for "Configuration".
    2. Once you click "Configuration", on the left side panel down at the bottom you should see "Firewall". Make sure you’re in the "Firewall" menu and at the top you should be viewing "Access Rules". You should see a list of access rules applied to your ASA.
    3. At the top you should see a green "+Add" to add a new access rule to your ASA. Once clicked you should identify…
       a. Interface - INSIDE or OUTSIDE
       b. Action - PERMIT or DENY
       c. Source - Subnet that needs to talk to destination address
       d. Destination - use the [...] box to create a Network Object for 165.241.29.17 and 165.241.31.254; use a /32 mask for a specific IP address and not a range
       e. Service - Again use the [...] box to create TCP and UDP Service Groups for the specific ports
    4. You can then enter a description of the specific access rule and enable logging.
    This should be it... let me know how this works out for you!!
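
The access rule from the question above, modelled as an added example (not part of the original posts and not Cisco code) so its exact scope can be checked against sample flows before it is entered in ASDM. The rule list is evaluated first-match with an implicit deny at the end, as an ASA interface access list is; the LAN subnet `192.168.1.0/24` and the sample flows are assumptions constructed for illustration.

```python
"""Model of the requested access rule: which flows does it actually permit?"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumption: the thread never states the LAN subnet; this is a placeholder.
LAN = ip_network("192.168.1.0/24")
# Destinations and ports exactly as given in the question (/32 = single host).
DESTINATIONS = (ip_network("165.241.29.17/32"), ip_network("165.241.31.254/32"))
TCP_PORTS = ((5060, 5060), (5061, 5061), (5070, 5070))
UDP_PORTS = ((50000, 52399),)


@dataclass(frozen=True)
class Rule:
    action: str      # "permit" or "deny"
    proto: str       # "tcp" or "udp"
    sources: tuple   # source networks
    dests: tuple     # destination networks
    ports: tuple     # inclusive (low, high) destination port ranges

    def matches(self, proto, src, dst, dport):
        return (proto == self.proto
                and any(ip_address(src) in net for net in self.sources)
                and any(ip_address(dst) in net for net in self.dests)
                and any(lo <= dport <= hi for lo, hi in self.ports))


# One entry per protocol, mirroring the separate TCP and UDP service groups.
RULES = [
    Rule("permit", "tcp", (LAN,), DESTINATIONS, TCP_PORTS),
    Rule("permit", "udp", (LAN,), DESTINATIONS, UDP_PORTS),
]


def evaluate(proto, src, dst, dport, rules=RULES):
    """Return the action of the first matching rule; implicit deny otherwise."""
    for rule in rules:
        if rule.matches(proto, src, dst, dport):
            return rule.action
    return "deny"


# Constructed sample flows: (protocol, source, destination, destination port).
SAMPLE_FLOWS = [
    ("tcp", "192.168.1.10", "165.241.29.17", 5060),    # requested TCP port
    ("tcp", "192.168.1.10", "165.241.31.254", 5070),   # requested TCP port
    ("udp", "192.168.1.10", "165.241.29.17", 50000),   # bottom of UDP range
    ("udp", "192.168.1.10", "165.241.31.254", 52399),  # top of UDP range
    ("udp", "192.168.1.10", "165.241.29.17", 5060),    # 5060 was requested for TCP only
    ("tcp", "192.168.1.10", "165.241.29.17", 5062),    # port not in the request
    ("udp", "192.168.1.10", "165.241.29.17", 52400),   # one past the UDP range
    ("tcp", "192.168.1.10", "165.241.31.253", 5060),   # neighbour of a /32 destination
    ("tcp", "10.9.9.9", "165.241.29.17", 5060),        # source outside the LAN
]


def audit(flows=SAMPLE_FLOWS):
    """Pair every flow with the verdict the rule set gives it."""
    return [(flow, evaluate(*flow)) for flow in flows]


if __name__ == "__main__":
    for (proto, src, dst, dport), verdict in audit():
        print(f"{verdict:6} {proto} {src} -> {dst}:{dport}")
```

The denied flows are the useful part of the output: they confirm that the /32 objects and the separate TCP and UDP service groups keep the rule limited to what was requested.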

  • Inspect other firewall traffic using ASA 5585-X IPS SSP

    Is it possible to inspect traffic from other firewalls (say a Checkpoint firewall) apart from the ASA firewall the ASA IPS SSP is running on?
    Any help will be appreciated
    O.

    Hello Amit,
    Can you share :
    show ips detail
    show  module 1 details
    show service-policy
    Now, can you explain a little about this:
    on the switch end port tengig 1/8 is connected on nexus and specific vlans are monitored on that interface. But as of now I am not able to see any traffic on that interface. I don't know what wrong I am doing as this is the first time on this IPS module. There are no ports connected on the firewall. The only port connected is tengig 1/8 which is on the IPS module which is in promiscuous mode.
    I mean the firewall is the one that will redirect the traffic to the IPS sensor so not sure I follow you!
    Cheers,
    Julio Carvajal Segura
    http://laguiadelnetworking.com

  • My firefox beta 12 using Linux platform does not update to firefox RC1 via the "check for update" function. I know windows' beta version had this fixed, when would Linux get similar support ?

    Current platform : Linux
    Current firefox version : Firefox 4 beta 12
    Issue : does not update to RC 1 using the check for update feature.
    Background : previously downloaded beta 8 and then it automatically updated to beta 12 using update features but for RC1, it does not.
    I know users under Windows platform had same problem but was resolved and they can now update via check for update feature.
    Please implement for Linux users too.
    Thanks !!

    If you can't update then you can download and install the full Firefox 4 RC version.
    * http://www.mozilla.com/firefox/all-beta.html

  • Oracle12c SQL*NET blocked by Windows 2008 firewall - what is the correct solution?

    Hello,
    I have a question with regards to the SQL*NET traffic being blocked by the Windows 2008 firewall. This document shows that disabling the firewall can resolve the problem:
    https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=166773506396122&id=1472931.1&displayIndex=13&_afrWindowMode=0&_adf.ctrl-state=o4dq0hlih_112
    Is this really the solution?
    From what I understand from other documents is that just enabling port 1521 will not resolve any issues, as SQL*NET can use redirection to other random ports. That is probably the reason why the Oracle installation does not alter any firewall settings.
    What other methods do people use to connect a client to a DB server?
    This document shows what other methods to use, but who uses them?
    https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=166043735580557&id=68652.1&_afrWindowMode=0&_adf.ctrl-state=o4dq0hlih_78
    Does anyone use the Oracle Connection Manager for example?
    Thanks
    Richard

    I configure firewall to allow DB Server to start new network connections

  • FP11 beta 2 (64bit linux) freezes complete system

    Help guys, my system freezes a few seconds after having started any flash video (e.g. youtube) with FP 11 beta 2.
    I can only recover it with kernel SysRq keys. The only evidence from the log files I have found:
    NVRM: Xid (0000:01:00): 8, Channel 00000003
    NVRM: os_schedule: Attempted to yield the CPU while in atomic or interrupt context
    NVRM: Xid (0000:01:00): 8, Channel 00000004
    NVRM: os_schedule: Attempted to yield the CPU while in atomic or interrupt context
    NVRM: Xid (0000:01:00): 13, 0001 00000000 00005097 00000548 3f800000 00000080
    My box is a standard Kubuntu 11.04 (2.6.38-10-generic x86_64 GNU/Linux) running default Nvidia driver from the repos.
    Any idea, as I would like to get rid of ugly squares generating FP 10.3 from the repos?

    The driver is default nvidia from 11.04 repositories, no ppa stuff:
    $ lspci | grep -i nvidia
    01:00.0 VGA compatible controller: nVidia Corporation G96 [GeForce 9500 GT] (rev a1)
    $ nvidia-settings -q NvidiaDriverVersion
      Attribute 'NvidiaDriverVersion' (localhost:0.0): 270.41.06
    The strange thing is that I did not see that behavior with any former FP version.
    Is there any more information I could provide to help tracking this issue down?
