Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,Is there any way to use IPS-ME on a remote windows workstation for monitoring. I have 5 sensors that I want to configure with IPS-ME on a windows 2k3 server. The server will be in the Data Center and it will be use to config and monitor the senso...
Hi, I see events in SecMon with the victim or attacker IP of <n/a>. How can I filter those events? I cannot implement an event action filter in the IDM since the <n/a> is not acceptable as a victim or attacker IP. It's weird that a signature for T...
Hi,pkgadd -a CSCOcsa/reloc/cfg/admin -d .I have ran it with truss and it fails with:THIS SOFTWARE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OFCISCO SYSTEMS, INC. USE, DISCLOSURE, OR REPRODUCTION IS PROHIBITEDWITHOUT THE PRIOR EXPRESS WRITT...
easiest is to reverse engineer the signature details and craft packets based on the Sig RegEx for example. For example, if a SIG is inspecting packets for "DNS" in traffic over 53/tcp, crafting a packet with this info will trigger the IPS...
Have you confirm that the host is able to contact the MC by pigning? Are the DNS query to your MC server returning the proper IP.This sounds like a network connectivity/configuration issue and without any error message of logs it's hard to troublesho...
This is because the kernel headers are probably not installed.Install the kernel-smp-devel-2.6.9-55 EL.i686.rpm package.that will provide the headers in /lib/modules/2.6.9-55.EL ...
