[c-nsp] Cisco IDS-4230 - TCP Reset Problem
Zahid Hassan
zhassan at gmx.net
Mon Jan 3 11:49:27 EST 2005
Dear All,
I am testing a custom signature on Cisco a 4230 running Version 4.1(4)S91.
I am seeing alerts on the IEV but not getting any connection resets.
Signature config output:
IDS-1# sh configuration | include SIGID 20000
signatures SIGID 20000 SubSig 0
IDS-1# sh configuration | begin SIGID 20000
signatures SIGID 20000 SubSig 0
AlarmSeverity high
AlarmThrottle FireAll
EventAction log|reset
RegexString
testattack
ServicePorts 23
Debug IP Packet Detail on the routers are also not showing
any RST flags being sent from the IDS sniffing interface.
Any pointers or comments would be highly appreciated.
Regards,
Zahid
More information about the cisco-nsp
mailing list