Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Highlighted
d.twaddle
d.twaddle
Community Member
‎06-28-2002 03:52 PM
‎06-28-2002 03:52 PM

Problem with CSPM 3.1(2)S26

I just received the update in regards to 3.1(2)S26 update for the IDS.

The update for the IDS sensor was smooth and installed with no problems. I then proceeded to update the CSPM signature file on the NT Server. Everything seemed fine with the install and gave no notification of any errors. I then went into the Signatures menu to enable the new signatures however they were not listed! I checked the pulldown that enables the filtering for only signatures by version, the 3.1(2)S26 option was available yet no new signatures are present.

I then went into the new sig.data file with wordpad and noticed something odd. The new signature numbers are listed in the appropriate category however the signature entries for all the new signatures were not even present in the file

Here is the code which links the individual signatures to the proper version :

version

{

Name = "3.1(2)S26"

Parent = "3.1(2)S25"

Signatures = 3707, 3714, 5275, 5276, 5277, 5278, 9015, 9016,

9017, 9018, 9019, 9020

}

The "Signatures" line contains all the new signatures for the update. That is good however try searching for the new signatures themselves, they are not in the file.

For example : there are 6 new backdoor signatures in this update however, the last backdoor signature in the sig.data file is 9014 and ends there.

Hope this helps to remedy the problem with the update. Thanks again Cisco for the continued support and updates on this product.

0 Helpful
Reply
1 REPLY
anthall
anthall
Community Member
‎06-28-2002 04:33 PM
‎06-28-2002 04:33 PM

Re: Problem with CSPM 3.1(2)S26

There was a problem with the original S26 CSPM package.

A new one has been created that fixes the problems that you describe. It is located at:

ftp://ftp-eng.cisco.com/csids-sig-updates/S26/CSPM-2.3.3i-S26a-exe.zip

This file will also make its way to CCO shortly.

Thanks for the input and sorry for any inconvience.

0 Helpful
Reply
Latest Documents
Snort IPS on ISR, ISRv and CSR - Step-By-Step Configuration
Created by Kureli Sankar on 04-19-2018 11:25 AM
0
0
0
0
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin... view more
Upgrade Chassis Manager (FXOS)
Created by Jeet Kumar on 02-23-2018 02:51 AM
2
15
2
15
    Login to the FXOS chassis manager. Direct your browser to https://hostname/, and log-in using the user-name and password.     Go to Help > About and check the current version:    Check the current version availa... view more
ASA 5506-X with ipv6 no access to internet
Created by Klaxel on 02-08-2018 01:25 AM
3
5
3
5
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6. In Syslog I also se... view more
All Documents
102
Views
0
Helpful
1
Replies
CreatePlease to create content
Discussion
Blog
Document
Video
Popular Blogs
AnyConnect Certificate Based Authentication.
Created by Marvin Ruiz on 08-27-2012 05:20 PM
36
70
36
70
BLOG (No Title)
Created by athukral on 06-14-2011 04:23 AM
15
35
15
35
Wireless Hacking
Created by Anim Saxena on 01-24-2013 07:56 AM
2
20
2
20
All Blogs