Reference: "Configure E-mail Notifications with Scripts for IDS Alerts Using CiscoWorks Monitoring Center for Security" http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps4077/products_configuration_example09186a00801fc770.shtml#fivesensor Good ...
Good day - Rebuilt a VMS 2.3 from scratch yesterday - loaded all the updates for common services, IDSMC to v2.2, DST Patches, etc. Placed the IDSMC Sig and Engine upgrades into the updates directory and, before trying to import the sensors, installed...
While I have experience with the 42xx sensor appliances I have not previously worked with the nm-cids modules. I have been told though that they are limited to use about 100 signatures. From their talk about memory and cpu restrictions it made sens...
Good day all. I have been asked to re-create some functionality that was lost after the customer upgraded from VMS to CSM but without CS-MARS or any other event monitor. The user had the system set to generate an email when an event was fired. It a...
This one solved itself and the notifications now contain all the variable data expected. Don't know what fixed the issue but the server running VMS was restarted later that day at some point after I sent the post for this problem. Since the reboot i...
Thank you for a concise yet complete answer to my question(s). I will make sure I make myself knowledgeable about the new AIM-IPS modules. Do you have any insight (just have you heard anything concrete) as to whether they are going to be making any ...
Marcoa - Thanks very much! I knew about IEV but I didn't know about IEV being included in CSM now. It looks like it was included starting with CSM 3.1. Still, the IEV solution fails for my customer due to the 5 sensor limit. The customers are staying...
We are seeing the same issue for 5894-1 on our DNS traffic. Given that the sig appears to simply look for one of several hex combos (regex = \xe3[\x0a-\x0f]) occurring in any UDP session... it is not really unexpected that there will be quite a few 'r...