Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am trying to run a scheduled report looking for the new Microsoft exploit under the IPS S411 release, SIGID 19339.0 and I am trying to form the query looking for the event this falls under without using a keyword search on the SIGID. Does anyone k...
I just installed CSM 3.0 to replace our VMS application and I am having difficulty adding new sensors. When I go to the menu "devices", "sensors", I only have the option to Re-Import or Reboot a sensor, whereas in VMS, I had the additional option to...
I am upgrading our PIXes from 6.2(2) to one of the 6.3 codes and have 2 questions. First, can I upgrade the failover, reload, and expect that PIX to come pack up in failover, or will it have problems because of the version difference and possibly co...
Thank you for your responce. I received conformation on the PIXes inability to upgrade without incurring an outage. Perhaps this should be something they can add to future releases. Also tahnks for the vote of confidence on the 6.3(3) code.
I've had this problem in the past (only once) when trying to install a signature update using the VMS MC. I've found that a way around this is to telnet to the sensor and manually install the update. Then after this is done, go back into your VMS M...
126.0.0.1 is sometimes used as a loop back address or other times for testing purposes. Traffic can source from a loop back adaptor or from a second NIC on a server and make its way onto the network. Because it is not a valid address on the network...
Yes, it can be done. Here is a link detailing how to do this.http://www.cisco.com/en/US/customer/products/sw/secursw/ps2113/products_tech_note09186a00800941b3.shtmlThe sniff can be triggered on a signature alert. The sniff will miss the first packe...
