Cisco Firepower Management Center 2000

FireSIGHT System User Guide
 
Chapter 25: Using Application Layer Preprocessors
  • To test whether specified ports carry DCE/RPC traffic and continue processing when they do, select or clear the check box next to an auto-detection transport and, optionally, add or delete ports for the transport.

    Select one or any combination of RPC over HTTP Server Auto-Detect Ports, TCP Auto-Detect Ports, and UDP Auto-Detect Ports for a Windows policy.

    Note that you would rarely, if ever, select RPC over HTTP Proxy Auto-Detect Ports or SMB Auto-Detect Ports.

    Typically, specify a port range from 1025 to 65535 for auto-detection ports that you enable to cover the entire range of ephemeral ports. See , and  for more information.

    See  for more information.
Step 8
Optionally, click Configure Rules for DCE/RPC Configuration at the top of the page to display rules associated with individual options.
Click Back to return to the DCE/RPC Configuration page.

Step 9
Save your policy, continue editing, discard your changes, revert to the default configuration settings in the base policy, or exit while leaving your changes in the system cache. See the  table for more information.

Detecting Exploits in DNS Name Server Responses
License: Protection

The DNS preprocessor inspects DNS name server responses for the following specific exploits:
  • Overflow attempts on RData text fields
  • Obsolete DNS resource record types
  • Experimental DNS resource record types
Understanding DNS Preprocessor Resource Record Inspection
License: Protection

The most common type of DNS name server response provides one or more IP addresses that correspond to domain names in the query that prompted the response. Other types of server responses provide, for example, the destination for an email message or the location of a name server that can provide information not available from the server originally queried.
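
As an added illustration (not Cisco's code and not the preprocessor's own logic), the Python example below applies the three checks listed above to a raw DNS response. The type codes come from RFC 1035; the TXT length-consistency test, the function names and the sample messages are assumptions made for this example.

```python
import struct
# RFC 1035 type codes: MD and MF are obsolete; MB, MG, MR and NULL are experimental.
FLAGGED = {3: "obsolete RR type MD", 4: "obsolete RR type MF",
           7: "experimental RR type MB", 8: "experimental RR type MG",
           9: "experimental RR type MR", 10: "experimental RR type NULL"}

def skip_name(msg, off):
    """Return the offset just past an encoded name (labels or a compression pointer)."""
    while True:
        n = msg[off]                      # IndexError if the name runs off the message
        if n == 0 or (n & 0xC0) == 0xC0:  # root label, or a 2-byte pointer ending the name
            return off + (1 if n == 0 else 2)
        off += 1 + n

def inspect_response(msg):
    """Return findings for one DNS message; queries and clean responses give []."""
    findings = []
    try:
        _id, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
        if not flags & 0x8000:            # QR bit clear: a query, not a response
            return findings
        off = 12
        for _ in range(qd):               # question: name, then type and class
            off = skip_name(msg, off) + 4
        for _ in range(an + ns + ar):     # answer, authority and additional records
            off = skip_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            rdata = msg[off + 10:off + 10 + rdlen]
            if len(rdata) != rdlen:
                raise IndexError("RDATA runs past end of message")
            if rtype in FLAGGED:
                findings.append(FLAGGED[rtype])
            elif rtype == 16:             # TXT: length-prefixed character-strings
                pos = 0
                while pos < rdlen:
                    pos += 1 + rdata[pos]
                if pos != rdlen:          # a string claims more bytes than RDLENGTH holds
                    findings.append("TXT character-string overruns RDLENGTH")
            off += 10 + rdlen
    except (struct.error, IndexError):
        findings.append("malformed message")
    return findings

def build_response(rtype, rdata):
    """Constructed sample: a one-answer response for example.com, not captured traffic."""
    question = b"\x07example\x03com\x00" + struct.pack("!HH", rtype, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 60, len(rdata)) + rdata
    return struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + question + answer
```

Calling `inspect_response(build_response(16, b"\x05hello\x20hi"))` reports the TXT overrun, because the second character-string claims 32 bytes while only 2 remain in the record.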