New Member

OpenSSH buffer management errors in IDS 3.x Fix Available ??

Hi,

A customer asked whether a fix is already available for this issue, or when it will be available.

Thanks in advance

JYP

2 REPLIES
Cisco Employee

Re: OpenSSH buffer management errors in IDS 3.x Fix Available ??

It is currently being tested and is not yet available.

I am not sure when testing will be complete.

Until then the IDS users should restrict access to the IDS boxes by configuring the Allowed Hosts.

Allowed Hosts should be restricted to only those IP addresses that need access to the IDS sensors.

If a user tries to attack the sensor from an IP address not in the list of allowed hosts, the connection will be dropped by TCP Wrappers and will not be sent to the ssh server.

So the sensor is not vulnerable to attacks from IP Addresses not listed in the Allowed Hosts.

Refer to the following links for configuring Allowed Hosts. It is best practice to limit the list of IP addresses as much as possible to reduce exposure.

Using IDM: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids8/13876_01.htm#xtocid18

Using sysconfig-sensor: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids8/13870_01.htm#xtocid13 (step 13)

NOTE: In version 4.x sensors the Allowed Hosts has been renamed to the network access list.

Using 4.x CLI setup command: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/hwguide/hwchap9.htm#587561 (step 12)

Using IDM: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/idmiev/swchap2.htm#443188
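The allow-list behaviour described in the reply above, as an added example that is not part of the original post and is not Cisco's code: it models the TCP Wrappers decision for a source address and flags entries that cover more addresses than necessary. The pattern forms follow TCP Wrappers `hosts_access(5)` syntax; that the sensor's Allowed Hosts field accepts each form is an assumption, and the sample list and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample list (assumption); addresses are from documentation ranges.
ALLOWED_HOSTS = ["10.", "192.0.2.15", "198.51.100.0/255.255.255.0"]

def pattern_matches(pattern, client_ip):
    """True if one hosts_access(5)-style IPv4 pattern covers client_ip."""
    ip = ipaddress.IPv4Address(client_ip)
    if pattern == "ALL":
        return True
    if pattern.endswith("."):   # "10.1." covers every address starting with 10.1.
        return str(ip).startswith(pattern)
    if "/" in pattern:          # net/mask form, e.g. 198.51.100.0/255.255.255.0
        return ip in ipaddress.IPv4Network(pattern, strict=False)
    return ip == ipaddress.IPv4Address(pattern)

def connection_allowed(allowed_hosts, client_ip):
    """Model of the wrapper decision: with no matching entry the
    connection is dropped and never handed to the ssh server."""
    return any(pattern_matches(p, client_ip) for p in allowed_hosts)

def covered_addresses(pattern):
    """Number of IPv4 addresses a single entry lets through."""
    if pattern == "ALL":
        return 2 ** 32
    if pattern.endswith("."):
        octets = pattern.rstrip(".").split(".")
        return 256 ** (4 - len(octets))
    if "/" in pattern:
        return ipaddress.IPv4Network(pattern, strict=False).num_addresses
    return 1

def broad_entries(allowed_hosts, max_addresses=256):
    """Entries wider than max_addresses, i.e. candidates for tightening."""
    return [p for p in allowed_hosts if covered_addresses(p) > max_addresses]

if __name__ == "__main__":
    for src in ("10.200.3.4", "192.0.2.16", "203.0.113.9"):
        verdict = "passed to sshd" if connection_allowed(ALLOWED_HOSTS, src) else "dropped"
        print(f"{src}: {verdict}")
    print("entries to tighten:", broad_entries(ALLOWED_HOSTS))
```
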

New Member

Re: OpenSSH buffer management errors in IDS 3.x Fix Available ??

Thanks for this clear information.

JYP
