Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm having an issue with signatures not firing correctly. Some of the backdoor trojan signatures are firing, the NSDB says that it is looking for a certain string in the packet going over a certain port. This has happened on several signatures. I get...
Has anyone had problems with the upgrade to IDS MC 2.0? I installed this on my testbed and the Management Center came up okay, but the Security Monitor would not come up. I re-installed it and nothing would work.Any suggestions would be greatly appr...
We are facing an issue where we are required to upgrade Apache server on our IDS MC system. The system is currently running 1.3.27 and we are required to go to 1.3.33. I'm pretty sure that I cannot just upgrade Apache, so I was wondering if the 2.0...
I've encountered an issue in IDS MC and my 4250 sensors. Whenever I push a new config out through IDS MC (signature update, filter change, etc.) all the tuned signatures revert to the default built-in state.If anyone has encountered something simila...
The signatures that are firing (at least today) are 9546 and 9476. The traffic seems to be FTP data (source or destination port 20). The most common instance we have is for virus and trojan signatures and 99% of the time is FTP data.Any assistance wo...
I also noticed yesterday that the 2.0 upgrade to IDS MC has been pulled off of the website. I did not see an annoucement of this anywhere. Do you know a reason it was pulled?
Nadeem,Thanks for the info. I came to the same conclusion when I upgraded our testbed IDS system. Is there a timeframe for when 2.3 will be released?-Steve
Mike, The log function on the signatures refers to an IP log (you have to log into the sensor via web interface or command line to see them). I have not been able to find a way to enable the log function on all signatures without having to go into ea...
IDS 4250 runs Red Hat Linux 7.2. It should say when booting the sensor. You can also confirm by logging in with the Service account. Default user name and password is service service. If you service account does not exist, log in with the root (cisco...