Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

cisco ips in asa - attck to port 0 - no action

Hi Netpro Team,

we have cisco asa 5510 where ip module is installed. i have given the event action rule as "deny", when i do this, the attacks destined to victim port 80 is getting denied and logged, but attack to victim port 0 does not show any action in the logs....i checked this in ips manager as well as in idm event logs.

for eg:- signature 5930/13 is fired and it denied the attacker on victim port 80 and showing the action as denied, then im getting the next same signature fired for victim port 0, but action is now showing...

somebody pls reply...........................!!!!!!!!!

7 REPLIES
New Member

cisco ips in asa - attck to port 0 - no action

Hi Team,

I am unable to see the action taken and showing the victim port as zero for all the tuned signatures in ips... I really do not know if the attack is being blocked or still allowed... Need your intervention as soon as possible please..

im using sig IPS-sig-S576-req-E4. can somebody really revert please...

Cisco Employee

cisco ips in asa - attck to port 0 - no action

signature 5930/13 is fired and it denied the attacker on victim port 80 and showing the action as denied, then im getting the next same signature fired for victim port 0, but action is now showing...

Sounds like you are reviewing Summary Alerts. SIG 5930.13 is set to Summarize by-default. If you could paste a copy of one of these Alerts here, the community can take a look. Feel free to redact any sensitive information (or change IP addresses) if you feel the need to do so, but, make sure that if you do, you do it consistently so we can still get a clear understanding of the Alert.

somebody pls reply...........................!!!!!!!!!

FYI, by replying back to your own Discussion (multiple times in this case), the system no longer considers the Discussion to be "Unanswered", so that may discourage the community from taking a look (thinking that someone else already had).

New Member

cisco ips in asa - attck to port 0 - no action

Thanks Dustin,

Below is the events im getting from IPS... For me its difficult judge if its a summurization of events or DOS attack., Could you pls look into this..

SeverityDateTimeDeviceSig. NameSig. IDAttacker IPVictim IPActions TakenVicitm PortThreat RatingRisk Rating
Tmedium12/4/201122:24:43IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:24:51IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:42:00IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:00IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:01IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:02IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:02IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:03IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:04IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:42:04IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:42:04IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:42:04IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:05IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:42:05IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:42:06IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:42:20IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:42:25IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:26IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:26IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:27IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:27IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:42IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:42:46IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:47IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:47IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:48IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:42:49IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:04IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:43:06IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:06IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:07IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:08IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:08IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:23IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:43:30IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:31IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:31IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:32IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:33IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:33IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:34IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:43:34IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:43:35IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:43:35IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:43:35IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:43:36IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:43:36IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:43:50IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:43:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:57IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:57IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:58IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:43:58IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:13IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:44:18IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:18IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:19IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:19IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:20IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:35IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:44:37IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:38IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:39IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:39IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:40IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:55IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:44:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:44:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:45:00IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:45:01IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:45:01IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:45:02IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:45:07IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:45:08IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:45:23IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:46:21IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:22IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:22IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:23IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:23IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:24IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:25IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:25IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:26IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:38IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:39IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:39IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:40IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:41IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:46:41IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:52IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:52IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:53IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:53IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:54IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:55IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:56IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:46:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:46:57IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:06IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:07IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:08IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:08IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:09IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:09IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:10IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:11IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:12IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:47:12IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:27IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:47:35IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:36IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:37IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:37IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:38IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:53IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:47:55IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:47:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:47:56IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:47:57IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:47:57IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:47:57IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:48:08IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:48:12IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:48:29IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:29IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:30IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:31IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:31IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:32IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:33IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:33IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:34IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:35IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:48:35IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:48:35IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:48:36IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:48:36IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:48:36IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:48:38IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:48:38IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:48:51IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:49:08IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:08IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:09IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:10IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:10IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:11IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:12IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:12IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:13IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:14IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:14IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:15IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:16IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:31IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:49:33IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:34IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:34IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:49:35IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:49:35IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:49:35IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:49:36IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:49:36IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:49:36IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:49:51IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:49:55IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:56IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:57IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:58IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:58IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:59IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:49:59IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:00IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:50:00IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:50:01IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:50:01IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:50:01IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:50:01IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:50:02IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:50:02IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:50:02IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:17IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:50:22IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:23IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:23IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:24IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:25IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:25IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:26IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:26IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:27IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:27IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:28IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:28IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:50:29IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
medium12/4/201122:50:37IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:50:38IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:50:38IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
medium12/4/201122:50:39IPS-1Unix Password File Access Attempt3201/1161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent805085
high12/4/201122:50:44IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:51:21IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:22IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:23IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:24IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:24IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:38IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:38IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:39IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:39IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:51:40IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:40IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35droppedPacket, deniedFlow, tcpOneWayResetSent806095
high12/4/201122:51:55IPS-1Generic SQL Injection5930/5161.69.30.158192.168.100.35 09595
high12/4/201122:53:24IPS-1Generic SQL Injection5930/13161.69.30.158192.168.100.35tcpResetSent, droppedPacket, deniedFlow, tcpOneWayResetSent806095
New Member

cisco ips in asa - attck to port 0 - no action

Dears,

you will not find any action once the Event summary feild has a value other than "0" as the IPS take an action over individual feilds not summary one.

add rate if answers your question

New Member

cisco ips in asa - attck to port 0 - no action

HI EVERY ONE....

I HAVE RESOLVED THE PORT 0 ATTACK CONFUSION AS GIVEN BELOW... WE WILL HAVE TO EDIT THE SIGNATURES AND FINE TUNE IT..

########################################

Edit Signature > alert frequency:

Summary mode à Change from Summarize to Fire once

summary key à attacker

#######################################

PLS RATE IF THIS THREAD WAS HELPFUL...

Highlighted
Silver

cisco ips in asa - attck to port 0 - no action

Very nice converstaion. High 5!  Please mark this as closed.   Thanks and Regards,  Ankur Thukral   Community Manager : Security and VPN

New Member

cisco ips in asa - attck to port 0 - no action

Hi Ankur,

How would i mark this topic as closed... im not aware of it...pls check.

regards

rajesh

2506
Views
10
Helpful
7
Replies
CreatePlease to create content