Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have an IDS "listening in" on two switches. Problems begin when a host connected to switch1 talks to another host connected to switch2. Apparently I can see the packets twice (the only difference is TTL decreased by one). To make it more interestin...
Check out the thread titled: IDS-4235 boots to GRUB after applying 6.0(3)E1... I had to go to the ROMMON and from there set the IP,mask,gateway and tftp the recovery image (which gives you a pretty much an unconfigured device, unless there's somethin...
Wait a sec, it can use any arbitrary udp port even on non-windows boxes?Just got a couple of false positives from a dns server. Again, it triggered on Transaction ID.
Even with S299, I got false positives from NB traffic on port 137 thrown by SigID:5894/1. It appears that NBNS chatter doesn't sit well with this signature. For instance: one of the false positives triggered on Transaction ID from the NetBios Name Se...
