Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
484
Views
0
Helpful
4
Replies

SIG5478 Microsoft Exchange SMTP Overflow

jaceleees
Level 1
Level 1

‎03-14-2006 01:03 AM - edited ‎03-10-2019 01:55 AM

Regarding above signature, I already checking on my exchange server (2003 with SP2) and confirmed we are patching with MS05-021 (KB894549) but there is still huge alarm fire between my exchange servers on this signature daily.

Any1 experienced this before? Mind to sharing your advice? thanks and appreciate it.

Labels:
0 Helpful
4 Replies 4

jlimbo
Level 1
Level 1

‎03-14-2006 05:30 AM

If your exchange server's are patched and are not vulnerable you have the option to either filter or disable this signature.

If you suspect false positives would you be able to provide some traffic samples or at least some show event outputs? It would greatly help in improving the signature.

You can e-mail me directly at jlimbo@cisco.com and I will provide you with my pgp key.

Thanks,

Jonathan

0 Helpful

mhellman
Level 7
Level 7

‎03-14-2006 08:12 AM

we saw the same thing (false positives on traffic between exchange servers). We just turned it off.

0 Helpful

jaceleees
Level 1
Level 1
In response to mhellman

‎03-17-2006 10:57 AM

Hi dude.

Are you just turn off this signature or filtered out your exchange server on this signature?

Can CISCO doing something on this Signature? appreciate it.

0 Helpful

mhellman
Level 7
Level 7
In response to jaceleees

‎03-22-2006 07:28 AM

We just turned the signature off. I'm not in an environment where complicated filtering is feasible. There are exceptions, but if a false-postive alarm is cluttering up my display, it's gone. It helps that we're patched for this vuln.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card