Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
In my previous post, I was able to successfully load the PIX remediation v1.1 module into FMC running 6.0.1. I have since tried actually running the SHUN remediation against two firewalls, but am running into an error, and I'm hoping someone on the b...
I installed FMC from scratch at 6.0 (upgraded to 6.0.1). We originally tested on 5.4, and it included the remediation module for PIX Shun's, which from what I could tell, worked for ASA's as well. With 6.0, it does not include the PIX Shun module. F...
For firewalls which do not have Ikev1 or v2 enabled/configured, could the remote code still be executed and either force the reboot or allow for remotely executing code?
The module wasn't on the internet, rather, on the 5.4 version I had installed.
However, the PIX module from 5.4 does not work in 6.0 due to the underlying framework change that Cisco has made. I have a separate thread, and to my knowledge, no one ca...
I turned the module back on, and again with the same syslog error:
Apr 05 2017 19:31:32 FIRESIGHT SF-IMS[6119]: [6119] SFRemediateD:SFRemediateD [WARN] ChildHandler.c:386:updateLogEntry(): Non-zero exit status (1) (remediation = ATTACK-FW-1) (policy_...
I received an email from sac-support. They had referred me to the 5.4 remediation API guide.
(http://www.cisco.com/c/en/us/td/docs/security/firesight/540/api/remediation/FireSIGHT-System-Remediation-API-Guide/WritingRemedClients.html)
I'm not a progr...
Nothing good unfortunately. I was told the framework changed between 5.x and 6.x, and the method used for PIX SHUN was based on 5.x. I was told to check this support forum and maybe someone would be able to assist. So far, I haven't seen anything.
Hi Yogesh, I was able to download the file from the 5.4 and install it using the 'Install a new module' as you suggested. It seems the new installation of FMC 6.0 doesn't include this module, but when pulling it from 5.4, I am able to add it. Perhaps...
