I've just updated one of my sensors to 3.0(1)S4. The update seems to have worked smoothly. See below:
The Version of the Sensor is: 3.0(1)S4
postoffice v175 (Release) 01/07/11-21:50
logger v175 (Release) 01/07/11-21:49
sap v175 (Release) 01/07/11-21:50
fileXfer v175 (Release) 01/07/11-21:48
sensor v175 (Release) 01/07/11-15:33
The problem is with the CSPM. When I approve a new configuration I immediately get an error message stating: "Error - Incorrect sensor version". Looking at the distribution status I see the message: "Actual IDS Sensor Version 3.0(1)S4 is not the same as the user specified version 2.5(1)S3. invalid Sensor version".
Of course I have updated my CSPM to tell it that the sensor is now 3.0(1)S4, so the above message is apparently incorrect.
CSPM version is 2.3.1 build 2440.
I'm locked out from accessing the sensor via CSPM. What am I missing?
The Custom String Matches that have been released for Code Red should be maintained on your sensors until we get S5 posted. Their is a posting under the title Acitve Update Notification: BSD Telnet Daemon Buffer Overflow on this forum that will walk you through adding a custom signature to a 3.0 sensor for The TESO telnet exploit. (NOTE: This signature can only be added to 3.0 sensors) This should be maintained until S5 is posted as well.
S5 is in the final stages of QA and should be ready to post this week.
i saw this too when i updated. im not sure what causes it, and maybe someone else out here might be able to explain it, but the way i got around it was to delete the sensor from CSPM and then re-add the sensor by Wizards --> Add Sensor. Then check Click here to capture sensor configuration. After that everything was fine.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...