Hello,My current scenerio is 4 sites (A,B,C,D). In site A there is frame relay connection to another site (site y). All sites, A,B,C & D access Site y through Site A. I think I have the VPN configuration down for 4 sites in a mesh configuration. ...
Hello,We have been receiving alerts for this alarm. It seems that someone is trying to spoof the host IP to check for vulnerabilities. Is there a way at all to find out the real source IP of the attacker trying to spoof the IP address? Here is the...
Hi,We just deployed IDS-sig-3.1-4-S58.bin on our sensor and everything works ok.. too well I will say. We are getting flooded with Nachi Alarms, approx 10k a day. Is there a way to filter the alarms so we do not get reported on them as much or at a...
Hello,I have CSPM 2.3.3i but it stoped receiving alarms from the sensor. Any suggestions? The only alarms I'm able to receive is when I restart the sensor, there are no alarms from stuff detected.Thank you!
Hello,I seem to have database corruption. I've tried login in to CSPM and it will reject the login with an error message stating that the database can not be initialized. What would be the best way to try to repair the database without having to lo...
I'm not sure I explained correctly. The traffic to site y will be traffic from each of the sites B,C,D. In other words I need to find out how to route traffic that initiates in site B to go to site y that exists in Site A. Site A,B,C & D are in a ...
Hi,Actually there was several problems,1. the packetd.conf file in the sensor was corrupted, so in CSPM we went back to use the default template under sensor signatures to over write the file on the sensor.2. the loggerd daemon was not initializing a...
Thank you for your reply!I actually loaded S43 on top of S33 without a problem, I was just concerned because the readme file specifically stated that you must have 3.1(3)S31 installed and that you should either upgrade to or downgrade to that specifi...
If your conduit rule denying UDP is set before the ip any any, all traffic will be let through except for that specific UDP port or which ever port you define. By looking at your notes it seems that you are trying to protect the slammer worm coming ...
