Other Security Subjects

Hi,We're facing problem when trying to upgrade our IDS 4230 Sensor from 4.1(1)S47 to 4.1.(4)S91:sensor# conf tsensor(config)# upgrade scp://service@10.0.0.23//tmp/IDS-K9-sp-4.1-4-S91.rpm.pkgPassword: *********Warning: Executing this command will appl...

Hi all,Is there a way to exclude a host or specific ports from CBAC inpection? Support that tcp inpection is enabled but an application is not currently supported by CBAC. How do you exclude it?ip inspect name INSPECT tcp

I'm using NMAP to discover ports and OS from my laptop to another protected PC by CSA.CSA is not preventing the discovery process, eventhough it is logging that "Possible Portscan" on the CSA MC.I'm using default setting on the CSA MC (default Instal...

Is there a way to set up an alert which will send an email for the following events: Administrator stopped/started the agent service. I have looked at the nt event log but only see when the agent service is started. Also, is there any documentation r...

I found an article about using NBAR to block P2P on Cisco Routers, but is it possible to block IM using the same features?I have a PIX 525 connected to a 2610XM as my headend router.TIA,Daniel Jimenez

Hi,I've just upgrades the CSA MC from 4.0.2 to 4.0.3 build 717, and I now can't access the MC from anywhere other than the server itself. I get the following error in the CSA MC window when I try to open it:Invalid SessionA valid CiscoWorks session i...

The scenerio explains , we are in dealt with two ISP terminated in two routers , 1st ISP had 2E1's and 2nd ISP had 1E1 towards customer(us).infact the 2nd ISP is running EIGRP in his customer end router,and the 1st is running static. anyone can expla...

Is there a router configuration example of using a Site-to-Site IPSec VPN for Frame Realy WAN Backup?

Trying to understand an inherited config.... It uses pix v6.1 and Aliases as followsalias (inside) outside-ip dmz-ip 255.255.255.255 &alias (dmz) outside-ip dmz-ip 255.255.255.255 &and has ano sysopt dnatreading the documentation on the alias command...

I'm running a 3002 hardware client to a VPN 3015 concentrator across a broadband link. After exactly 7hr 36 minutes I am getting the following occuring:7459 09/24/2004 20:02:01.650 SEV=4 IKE/41 RPT=1 IKE Initiator: Rekeying Phase 2, Intf 2, IKE Peer ...

Is there a way in 12.2T code to insert something in the middle of the ACL? I keep doing a "no ip access-list extended DMZ_Screen_In", modify the ACL and then re-apply it. The actual ACL is about 100 lines and I've re-added it sometimes to find I mis...

Hi I am interconnecting 4 Catalyst 6509 switches via a mesh as shown below: Sw1 <--> Sw2(FWSM)Sw3 <--> Sw4(FWSM)The 4 switches are interconnected via gigabit etherent ports in "square". The interswitch links are running layer 2 with 802.1q trun...

I am having problems with Cisco VPN clients 3.6.3 and aladdin etoken pro with driver 3.00 connecting to a Cisco 3015 vpn.I have several clients that are working, but have 3 that can't see the certificate on their etoken from certificate manager. If y...

HelloPardon any lack of knowledge we are new to IDS, we have a CW Server, a 4210, and a 4235. We can get our sensors upgraded to current versions but we cant get the CW server updated past s47.As we understand it both the sensor and the CW server ha...

For the last few days, I've been seeing a lot of Sig 2001 ICMP Host Unreachables being triggered targeted at a large number of our hosts. The source address is our Internet gateway router's address. This isn't something I normally see in my logs. ...