Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
465
Views
0
Helpful
2
Replies

Sig 3030 is KILLING me

brok3n
Level 1
Level 1

‎01-08-2002 10:38 AM - edited ‎03-08-2019 09:31 PM

I cannot get one of my sensors to IGNORE any form of traffic tripping signature 3030. I have tried individual hosts for filtering, entire networks, and finally the entire sig. Here is the entry in my SigSettings.conf:

RecordOfExcludedPattern 3030 * * *

Am I missing something here? Why am I still seeing alarms???

Thx,

brkn!

Labels:
0 Helpful
2 Replies 2

klwiley
Cisco Employee
Cisco Employee

‎01-08-2002 11:56 AM

What version of the sensor SW are you running? There are known problems in the 3.0(2) and 3.0(1) code with Exclusions and sweeps. These have all been corrected in 3.0(3). If you are running 3.0(3) and are still experiencing difficulties then we need to talk off-line so that we can get to the root of the problem. You can e-mail me direct at klwiley@cisco.com.

0 Helpful

brok3n
Level 1
Level 1
In response to klwiley

‎01-08-2002 12:51 PM

I was running 3.0(2), upgraded to current and everything is working well. Probably should have tried that from the start, but it did not exhibit this behavior immediately after my initial upgrade (from 2.x to 3.x), seemed odd -- thanks for the help.

-brkn!

0 Helpful
Customers Also Viewed These Support Documents