I followed the upgrade path you took, and the test sensor upgraded correctly. Could you provide the virtualSensor.xml file from you 4.1.x sensor that is not upgrading? You can email it to micballa@cisco.com.Thanks,Jason
Can you provide the uprade process you went through? What was the release you started at, which updates did you installed, and in what order. You should be able to upgrade a 4.1.4-S151 sensor to 5.0.Thanks,Jason
The signatures in S145 detect the pif and zip file formats associated with the virus Trend Micro identifies as MyDoom.BB. Other virus vendors may label a different variant as MyDoom.BB. Also, can you confirm that the sensor is seeing both sides of ...
If you want a signature that fires on any SYN packet being sent to a certain host, you can use the atomic.tcp engine. You will need to write a signature for any packet with the SYN flag set and then use filters to filter out the alarms for the host ...