About jrojas

jrojas · 03-03-2008

I have a CSMARS box with the following rules set to send me an e-mail if they are triggered. System Rule: Password Attack: Remote VPN Access - AttemptSystem Rule: Password Attack: Remote VPN Access - Success LikelySystem Rule: Password Attack: System...

jrojas · 02-15-2008

Is there a specific configuration I have to add to my 4507's or 6513's in order to have them forward PXE boot requests from a client. Our PXE Server (a server running Altiris Deployment Solution) is located at our NOC and our clients are located thro...

jrojas · 02-13-2008

We recently added a CSMARS box to our infrastructure so it could correlate and report on our 4260's alerts. I've noticed that CSMARS is reporting on ICMP's from multiple hosts within our network sending ICMP packets to our Exchange server. The total ...

jrojas · 03-04-2008

Hi, Yes they are. That's why this seems a bit odd.

jrojas · 02-13-2008

Hi, the signature that is firing is ICMP FloodSignature ID: 2152/0. According to Cisco's site this signature should not fire under normal circumstances. However, when we first setup the IPS sensor it would deny all vpn users' access to our exchange s...

jrojas · 02-13-2008

Actually the reporting device is our 4260 IPS sensor. The probelm is that we have over 4000 hosts on our wan.

jrojas · 02-13-2008

Thansk, I figured it was normal traffic. By trace do you mean a Etherreal capture? Jav

Member Since	‎06-13-2005 09:50 AM
Date Last Visited	‎08-18-2017 03:54 AM
Posts	7

User Statistics

User Activity

CSMARS Source IP address

PXE Boot

CSMARS reporting ICMP traffic between hosts and Exchange Server

Re: CSMARS Source IP address

Re: CSMARS reporting ICMP traffic between hosts and Exchange Ser

Re: CSMARS reporting ICMP traffic between hosts and Exchange Ser

Re: CSMARS reporting ICMP traffic between hosts and Exchange Ser