Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
How does the TCP hijack signature work? Does it notice an ACK storm? Does it pick up on 2 devices that seem to get their sequence numbers all out of whack, as the hijacker picks up on the sequence number and starts spoofing the original source?I'm cu...
I'm seeing this signature many times a day coming from my 3640 dial up to my cisco works server. I enabled logging and looked at the traffic and it looks normal to me. Any one else seeing false positives on this one? Any one at Cisco willing to look ...
The head of the pack in vulnerability discovery and updates always seems to be eEye digital and ISS X-Force. Where is Cisco?When new vulnerabilities come out it always seems to be eEye or X-Force finding it - even if they don't discover it, they are ...
My IDS alerted to Sig 3336. I scanned the source and destination for this vulnerability and every backdoor ISS Scanner has and both show clean.Here is the contex buffer - does this look like an actual attack? Thanks.Decoded Alarm Context(Signature Na...
Thank you for your reply... I too have used it on many firewalls without any problems, but am about to make it a policy for a large organization that has firewalls throughout the country and want to research any known problems before I do so.thanks
Any chance you locked out the admin account?If so, you can unlock it via the registry:hkey_local_machine\software\cisco\ciscoAAAv2.6\csadmin\securityLook for the values "LockoutCheck" and "LockoutCount" and set them to 0. Reboot or restart your servi...
I tried NAT-T and it didn't work. Nothing has changed, but it just stopped working. The vpn concentrator is saying all the ip's in my pool are in conflict, yet there is nothing else on the switch and this is in the dmz...The address I assign myself d...
I looked at the logs on the concentrator and this is what is happening at the same time the client is erroring out.211 03/24/2004 20:10:34.690 SEV=5 IKE/132 RPT=17 68.89.130.37 Group [VPN-Admin] User [mickeymouse]Cannot obtain an IP address for remot...
