Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Some signatures from our IPS are tuned to send a TCP Reset when triggered. When this happens, the PIX denies each and every one of the 200 TCP Reset packets (per instance) from the IPS device (reference error %PIX-6-106015 in syslog). Apparently, t...
Outside interface, in promiscuous mode. My thinking is that since the IPS literally hijacks the session, imitates the attacker, and sends the 100 resets onward to the intended target (via the PIX), the PIX detects that a connection doesn't exist, be...
I have an open TAC case on this EXACT issue. Developers are still working on the patch. Also, check out this Field Notice:FN - 62822 - Cisco Security Manager 3.1 - Software Removedhttp://www.cisco.com/en/US/customer/products/ps6498/products_field_n...
Yes, IPS Event Viewer (IEV) can be used with 6.x as well as 5.x sensors. Keep in mind that if you have upgraded to the new Cisco Security Manager (CSM) vers. 3.1, IEV is now integrated with that software. As a matter of fact, before you can install...
