Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
493
Views
0
Helpful
1
Replies

IDSM2 TCP Hijack Alarm troubleshooting

yvasanthk
Level 1
Level 1

‎01-15-2006 01:07 PM - edited ‎03-10-2019 01:50 AM

Hi,

IDSM2 event viewer shows TCP Hijack alarm for one of the desktops in my network as source and Windows ISA Server firewall as the destination.

The event has fired only once. I am not sure if I should ignore this or how to go about troubleshooting the problem?

Appreciate any help on this.

-- Vasanth

Labels:
0 Helpful
1 Reply 1

thomas.chen
Level 6
Level 6

‎01-20-2006 09:46 AM

The issue is, the filter has been configured for blocking a particular network .So the alarm comes when a data from a particular network reaches the sensor which is blocked by the filter. The work around is to Reset TCP Connection This reset message will Sends TCP resets to hijack and terminate the TCP flow.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card