Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
This trojan / worm was discovered on the 15th and has a high exploitation potential. Its details are summarized and our coverage is outlined here:http://www.cisco.com/cgi-bin/front.x/csec/view.pl?VID=3913Derek
We've now identified a problem with the S153 and S154 releases. This has been corrected in the S155 release posted yesterday afternoon. Upgrading to it should resolve your current issue.
Great, that helps a bunch.To help trouble shoot this, I'd like to see what happens to the config files on your sensor when it rejects the configuration. So ideally, I'd like you to attempt the upgrade again and let it fail. Then I need you to grab ...
Hi,Could you provide me with more information? re:-software version of sensor prior to the upgrade: was it 4.x or 5.x? -your upgrade was from 150->153, correct? -what hardware platorm is this on? -what is the general load of the sensor (...
The Cisco IPS team has never released one. According to our partner Trend Micro, Zafi and Hazafi are the same malware and nothing returns when I search for Erkez. These viruses have an exceptionally low distribution in wild and are rated as 'low' t...
The two sub-signatures for 3142 function very differently. Make sure you pay attention to which one is firing for you and your environment. You are correct in regards to 3142.1. This looks for the FTP responses coming back from 5554, which could b...
