Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I noticed today that the S623 release includes the retiring of signatures 3030-0 (TCP Syn sweep) and 2100-0 (ICMP Echo sweep). I find it interesting that Cisco has opted to have these signatures disabled by default. I figure it is part of the recen...
I have noticed this signature ( 5403-0) has been firing off more often in our environment. i've noticed some of the of the destination IP addresses are actually own by Skype, I haven't had any time to investigate fully, but thought i'd see if anyone...
I did an SNMPWALK of the IDS. snmpwalk -c communitystringhere -v2c ip.address.goes.here .1.3.6.1.4.1.9.9.138.1.1.2.1.3.0I plan on testing some SNMP trap options in the near future, i'll let you know what I find out, but it might be a couple weeks.
While I haven't heard anything regarding the ticket, I did just get a notification of S621, which includes the updated sig.http://tools.cisco.com/security/center/viewBulletin.x?bId=437&year=2012
.1.3.6.1.4.1.9.9.138.1.1.2.1.3.0.0 = STRING: "Indicates that the specified network interface has lost link.".1.3.6.1.4.1.9.9.138.1.1.2.1.3.0.1 = STRING: "Indicates that the specified network interface has established link.".1.3.6.1.4.1.9.9.138.1.1.2....
Just to add a little bit to Bob's response. It is possible to get HA, but like mentioned above, it's not HA like you would expect from a firewall, and requires significant network planning and is pretty technical in nature.The best documentation I h...
