There is a bug in 3.0(2)S6 where hijack analysis is performed on all monitored tcp streams and not just the ones listed in the TCP_HIJACK portmap. This will be fixed in the next signature update after S10 (S10 is too far along through QA to get it in...
There are a couple of known bugs that can cause the IDSM to stop processing packets. This will result in continuous messages that 100% of the packets are being dropped. These bugs are fixed in the 3.0(2)S10 release which should be on CCO by the middl...
There are two response actions in the IDS products: Shunning and TCP resets. Shunning is supported by both the appliance and the module in the 3.0 release. TCP resets are not supported in the module, only the appliance.