Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,The IDS signature "SQL Query in HTTP Request" (5474:0) does not recognize all malicious SQL selects. Currently, the reg exp looks like [%]20|[=]|[+])[Ss][Ee][Ll][Ee][Cc][Tt]([%]20|[+])[^\r\n\x00-\x19\x7F-\xFF]+([%]20|[+])[Ff][Rr][Oo][Mm]([%]20|[+]...
The latest version of IPS MC, v2.2 does not seem to store the last event position when restarting the CW processes. The result is that CW retreives the complete list of events on all the sensors event-store, no matter of the alarms have already been ...
HiI was wondering if it is possile to monitor the diskspace on the partitions of the sensor by using the built in snmpd on the IPS 5.1 sensor appliance. When i try to snmpwalk the sensor i cant see the usual net-snmp stuff.The "cisco.ciscoMgmt.ciscoC...
Thanks Michael,let's see how long it will take for Cisco to release a service pack for this issue..Any chance you could send me the updated receiver.exe? Maybe attach it here?
I got similar problems as Ecaroh. The IDS_receiver (receiver.exe) clearly contains a serious memory leak. This conclusion is established after verifying that no events are lost while the IDS_receiver is running. RAM and swap usage is constantly incre...
