Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

signature id for tcp port 6070

guys,

We've problem with signature IPS in our idsm2, my customer is Banking company,they want to develop

application banking based on ip, the application need to open and allowing port tcp 6070 and 7007

is there any signature ID that's inspect the traffics of application?

the condition idsm2 is bypassing the engine inspection.but it's not the clear solution coz it's make all

traffic is bypass without inspection.  

if the engine bypass is auto mode, no one event of ips can hit or show the signature engine,The IPS does not generate alerts, but the application

cannot established, it's always retransmitted if we tap using wireshark.

Need your respond ASAP.because my customer has develop this application in every branch.

Thanks.

Regards,

Rusdi

1 REPLY
Super Bronze

Re: signature id for tcp port 6070

It sounds that it matches the TCP engine and if the TCP banking application does not conform with the RFC standard, it could possibly be inspected by the IDSM2 TCP engine. You would need to check the TCP engine signatures in the IDSM2.

247
Views
0
Helpful
1
Replies