Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Is anyone else experiencing issues with this IPS signature 7067/0, Microsoft Internet Explorer Memory Corruption alert ?
The signature version update is 899.0 and it was released yesterday afternoon (12\8\15).
We have received over 5000 hits from ext...
See Sig. ID 5930/0 in IME in Event Monitoring as an example.If the Alert Frequency, Summary mode of an IPS signature is set to Summarize with a value of 15, does this mean that all 15 hits receive the stated Action Taken (eg. dropped packet, deniedFl...
Once in a while, it becomes necessary to troubleshoot network activity and the packets' journey through the IPS.Is there a simple way to completely ignore an IP address?This question pertains to the asa 5585 with the IPS module and IME v7.1(6)E...
Today, ips-4250-sx (not-in-line) upgraded from v6.0(4)E1 to 6.0(5)E2. (S335) to (S339)1st appearance & flood of red alerts,all internal sources and destinations:1) Windows DCOM Overflow 0&1 subsigs: (1100src/100dst=86k total hits)2) Netware LSASS CIF...
RE: Cisco IPS 4250, IE Viewer 5.1(5) S286When I tried to start viewer, having been functioning without a problem for some time, received error message that said that IPS could not connect to MySQL server on local host and that the Windows service sh...
I'm assuming that users are also experiencing issues with their Adobe Acrobat Readers because the packets are being dropped by the IPS.
Please fix or remove the sig.ID 7615/0 ....... ASAP, if you please.
-Will
I'm experiencing the same activity -- 1000's triggered alerts for ID sig. 24059/0. The source appears to be various workstations and the destinations\targets are the several Domain Controllers on the network.Is this a false\positive situation?-wg
