Christopher Dreier

Member Since: Mar 08, 2007

English
Christopher Dreier commented on TAC Security Podcast Episode #26 - Troubleshooting IPSec VPNs in VPN 4 years ago

Hello Gernot,This issue should now be resolved. Please give the download another try and let us...

Christopher Dreier commented on AIP-SSM-20 IN ASA 5520 TRIGGERING FAILOVER in Intrusion Prevention Systems/IDS 5 years ago

You can temporarily remove the Modular Policy Framework configuration that forwards traffic down to...

Christopher Dreier commented on Applying different IPS policies to specific flows with the AIP-SSM in Intrusion Prevention Systems/IDS 5 years ago

Hello Damdjo,No, that's not normal. Can you send me an ASA show tech via email?Thank you,Blayne...

Christopher Dreier commented on Applying different IPS policies to specific flows with the AIP-SSM in Intrusion Prevention Systems/IDS 5 years ago

Hello Damdjo,The ASA does not need to be in multiple context mode to support traffic redirection to...

Christopher Dreier commented on TAC IPS Media Series, Episode 3 - IPS Placement in Intrusion Prevention Systems/IDS 5 years ago

Hello Yuri,We do in fact have an episode planned to discuss different interface configurations....

Christopher Dreier commented on Applying different IPS policies to specific flows with the AIP-SSM in Intrusion Prevention Systems/IDS 5 years ago

Thanks for the bump, Lisa. I missed Rajeswaran's original post. I'll need to cover the GUI steps in...

Christopher Dreier commented on ASA-SSM-10 7.0(5)E4 Error in Intrusion Prevention Systems/IDS 5 years ago

Hello ngtransge,It's probably best to look at this through a TAC case. We'll need a "show tech"...

Christopher Dreier commented on Preventing web server scans on IPS in Intrusion Prevention Systems/IDS 5 years ago

Hello k.abillama,Can you provide a packet capture of the scan? Please gather full-length packets so...

Christopher Dreier commented on IPS Password recovery/factory reset in Intrusion Prevention Systems/IDS 5 years ago

Hello Mike,Can you please try authenticating with one of the other users (an admin would be best)...

Christopher Dreier commented on CPU on IPS 4255 constantly at 100% in Intrusion Prevention Systems/IDS 5 years ago

Hello Carlo,What version of IPS code are you running? This issue was seen in early 2010 when...

Christopher Dreier commented on Applying different IPS policies to specific flows with the AIP-SSM in Intrusion Prevention Systems/IDS 5 years ago

Thank you, Prateek. I hope you found the information useful.Blayne (Christopher)

Christopher Dreier commented on email notifications in ime in Intrusion Prevention Systems/IDS 5 years ago

Hello Jason,I'd like to look into this for you if you have not yet resolved the issue. Can you...

Christopher Dreier commented on IPS bypass mode in Intrusion Prevention Systems/IDS 5 years ago

Hello Aman,What model sensor(s) do you have? This is achievable by using the Modular Policy...

Christopher Dreier commented on snmpwalk crashes ASA-SSC-AIP-5!?!? in Intrusion Prevention Systems/IDS 5 years ago

Hello Mark,I ran individual snmpgets in a loop, getting all of the OIDs up to the IF-MIB::...

Christopher Dreier commented on snmpwalk crashes ASA-SSC-AIP-5!?!? in Intrusion Prevention Systems/IDS 5 years ago

Hello Mark,I've been testing this quite a while and I have not experienced the failure while doing...

Christopher Dreier commented on snmpwalk crashes ASA-SSC-AIP-5!?!? in Intrusion Prevention Systems/IDS 5 years ago

Hello Mark,Yes, that's what I needed. You are experiencing CSCti03741: mainApp crash on...

Christopher Dreier commented on snmpwalk crashes ASA-SSC-AIP-5!?!? in Intrusion Prevention Systems/IDS 5 years ago

Hello Mark,I just tested this locally and I believe that I was able to replicate what you are...

Christopher Dreier commented on Unable To Connect To AIP-SSM-10 using IDMv6 in Intrusion Prevention Systems/IDS 5 years ago

Hello Damdjo,You'll want to talk to your Cisco Account Manager/SE/NCE about purchasing a contract....

Christopher Dreier commented on IPS in ASA 5510 killing upload speed in Intrusion Prevention Systems/IDS 5 years ago

Jake,I see that you've opened a TAC case. I'll keep an eye on it to make sure we're headed in the...

Christopher Dreier commented on IPS in ASA 5510 killing upload speed in Intrusion Prevention Systems/IDS 5 years ago

Hello Jake,I have no doubt that the reading is accurate for the test that is being performed. I'm...

Christopher Dreier commented on Does the ASA , with AIP-SSM-20, handle IPS within a FW zone? in Intrusion Prevention Systems/IDS 5 years ago

One point of clarification is that the ASA will not forward traffic to the service module if that...

Christopher Dreier commented on Unable To Connect To AIP-SSM-10 using IDMv6 in Intrusion Prevention Systems/IDS 5 years ago

Hello Damdjo,I've reviewed your core.txt and it appears to be reasonably generic and warrants...

Christopher Dreier commented on IPS in ASA 5510 killing upload speed in Intrusion Prevention Systems/IDS 5 years ago

Hello Jake,Throughput speeds will vary greatly depending on the method you are using to measure....

Christopher Dreier commented on Multiple Class maps for AIP in Intrusion Prevention Systems/IDS 5 years ago

Hello Martin,If you would like to verify the MPF that will be applied to any flow by your...

Christopher Dreier commented on IPS strange behaviour ? in Intrusion Prevention Systems/IDS 5 years ago

Hello Martin,This sounds possible, depending on your configuration. Do you have the "ids-service-...

Christopher Dreier commented on Unable To Connect To AIP-SSM-10 using IDMv6 in Intrusion Prevention Systems/IDS 5 years ago

Hello Damdjo,This message means that the sensorApp process is not available. Can you please run a "...

Christopher Dreier commented on Severity 1 traps, "Deny ICMP reverse path check from" in Intrusion Prevention Systems/IDS 5 years ago

Hello 3moloz123,How often does this happen? If it happens often enough, you can do a packet capture...

Christopher Dreier commented on IPS strange behaviour ? in Intrusion Prevention Systems/IDS 5 years ago

Hello Martin,Good job identifying 1330.17 as the culprit. The signature indicates that your sensor...

Christopher Dreier commented on IPS events in Intrusion Prevention Systems/IDS 5 years ago

Hello Jignesh,When you say that "IPS utilization goes high," what exactly do you mean? Does the CPU...

Christopher Dreier commented on AIP-SSM failing to update from cisco website in Intrusion Prevention Systems/IDS 5 years ago

Hello Claude,In order to mark this question answered, please click on the "Correct Answer" button,...

Christopher Dreier commented on IDSM handling IP Spoofing in Intrusion Prevention Systems/IDS 5 years ago

Hello szekahungdanny,This would require the IDSM-2 to maintain a table of IP/MAC correlation. This...

Christopher Dreier commented on ASA-SSC-AIP-5 in Intrusion Prevention Systems/IDS 5 years ago

Hello markpiontek,Why does my IPS block ICMP/HTTP?While the sensor does have the...

Christopher Dreier commented on IPS Global Correlation: Spoofing Ip in Intrusion Prevention Systems/IDS 5 years ago

Hello sg jr,While the details of the Global Correlation and Reputation algorithm are proprietary...

Christopher Dreier commented on Custom IPS Signature in Intrusion Prevention Systems/IDS 5 years ago

Hello lquin1978,Signatures normally fire on the presence of data rather than the absence of data....

Christopher Dreier commented on unable to get IPS prompt after logging in in Intrusion Prevention Systems/IDS 5 years ago

Hello exploit,Yes, please do open a TAC case for us to investigate. Preferably, the sensor should...

Christopher Dreier commented on IPS Blocking VPN* in Intrusion Prevention Systems/IDS 5 years ago

Hello Marco,I'd like to take a deeper look at this via a TAC case. Would you mind opening one and...

Christopher Dreier commented on Zero window Probe in Intrusion Prevention Systems/IDS 5 years ago

Hello Kiran,The Modify Packet Inline action of signature 1317.0 removes data from the Zero-Window...

Christopher Dreier commented on Activity on Signature 31359/1 in Intrusion Prevention Systems/IDS 5 years ago

Hello tscislaw,It will soon. The bug was written this morning and still has to go through review....

Christopher Dreier commented on Activity on Signature 31359/1 in Intrusion Prevention Systems/IDS 5 years ago

Hello all,We now have a bug filed for this issue. The bug id is CSCtl90408 and it is available via...

Christopher Dreier commented on Activity on Signature 31359/1 in Intrusion Prevention Systems/IDS 5 years ago

Hello Pronet MSSP and tscislaw,Would you be able to provide a packet capture of the legitimate...

Christopher Dreier commented on ASA-SSM and PCI Compliance in Intrusion Prevention Systems/IDS 5 years ago

Hello Jonathan,I am not a PCI expert. So I don't know how literal these requirements are to be...

Christopher Dreier commented on ASA-SSM and P2P inspection in Intrusion Prevention Systems/IDS 5 years ago

Hello Kirvin1,The IPS itself does not have this functionality. Have you considered only blocking...

Christopher Dreier commented on TCP Reset is not working in promiscuous mode for http service in Intrusion Prevention Systems/IDS 5 years ago

Hello Aman,Can you please do a SPAN capture with a source VLAN of the VLAN that the RST should go...

Christopher Dreier commented on IPS 4260 rebooting in Intrusion Prevention Systems/IDS 5 years ago

Hello Alex,Can you provide a session log of you running the setup command and the machine rebooting...

Christopher Dreier commented on MS IE toStaticHTML String Parsing Cross-Site Scripting Vulnerability alarms in Intrusion Prevention Systems/IDS 5 years ago

Hello Seb,As a follow-up to this thread, we have identified a false positive in signature 30419 and...

Christopher Dreier commented on IPS Trusted IP's in Intrusion Prevention Systems/IDS 5 years ago

Hello learnsec_0,Here is an explanation of the deny-attacker-percentage/Deny Percentage attribute:"...

Christopher Dreier commented on IPS Trusted IP's in Intrusion Prevention Systems/IDS 5 years ago

Hello learnsec_0,The Event Action Filter "Signature ID" in IME correlates to the signature-id-range...

Christopher Dreier commented on MS IE toStaticHTML String Parsing Cross-Site Scripting Vulnerability alarms in Intrusion Prevention Systems/IDS 5 years ago

Hello Seb,Since I don't have the entire transmission, I can't tell what exactly is commented out in...

Christopher Dreier commented on IPS signature update in Intrusion Prevention Systems/IDS 5 years ago

Hello all,This issue has been resolved. Please set your sensors' Auto Update URL to the default and...

Bio












Christopher Dreier's Stats

Points432
Discussion started 0
Answers marked as Correct 13
Endorsed 0
Content Rated 16