4200 series IPS & GNU Bash issue

any idea when we will see an update for cisco-sa-20140926-bash (GNU bash issue) for the 4200 series IPS appliances?

Do the logs show anything useful when the freeze occurs?

Similar Messages

  • IPS SSP module vs standalone 4200 series devices

    Looking at price to performance ratio it seems that the IPS SSP modules are the winner.
    The 4200 series devices however has hardware bypass which can ensure traffic flow is not interrupted even if the power to the IPS goes down. How likely is it that a malfunction of the IPS SSP affects the work of the ASA?
    We are looking at ASA5585X S20 with IPS SSP S20 or same ASA with IPS 4260.
    Any and all input in terms of pros and cons you are aware of will be appreciated.

    Yes, you can have the IDSM2 module in your CAT 6K. However, please check how much traffic will be traversing the IDSM2 module since you mention internal as well as traffic towards the internet. Please ensure that the performance of the internal traffic is not impacted. Also depends on whether you will be configuring the IPS in promiscuous or inline mode.
    Here is the datasheet for IDSM2:
    http://www.cisco.com/en/US/products/hw/modules/ps2706/products_data_sheet09186a00801e55dd.html
    You might even want to bundle a few IDSM2:
    http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps5058/product_data_sheet0900aecd804b91d7.html
    Hope that helps.

  • I'm looking for Failover/High available solutions for IPS 4200 Series

    Hi all,
    I tried to find out Failover/High available solutions for IPS 4200 series,I didn't saw failover solutions in IPS guide document. Anybody can be help me!

    I do not know if this is documented anywhere, but I can tell you what I do. As long as the IPS 4200 has power, with the right software settings, the unit can fail such that it will pass traffic. Should the unit loose power, it does stop all traffic. I run a patch cable in parallel with the in line IPS unit, in the same VLAN, with a higher STP cost. Thus all traffic will traverse the IPS unit when possible, but should something happen to it, a $10 patch cable takes over.
    Mike

  • False positive for GNU Bash Remote Code Execution Vulnerabil​ity

    Dear Team, 
    in my customer, one of banking in brunei want to access several finance website such as www.iifm.net etc. Tipping point IPS blokec to access the website with report as a 16800: TCP: GNU Bash Remote Code Execution Vulnerability ( Low Severity). The site is normal and legal website. Our question is the several website is needed to access by our employee due to the dailiy working. Please advice 
    Best Regards
    Yudi

    Hello Yuibagan,
    This is the Consumer products forum.
    You need to be in the HP Enterprise Business Community for IT related issues for servers, etc.
    I think you will want to post this question in the Security section. Dont post the same question more than once as you did here.
    HP Networking
    You will also want to take a look at the Articles and updates explaining GNU Bash here:
    GNU Bash vulnerability "Shellshock" (CVE-2014-6271... - HP Enterprise Business Community
    HP Security Research: GNU Bash vulnerability "Shel... - HP Enterprise Business Community
    HP AppDefender and HP WebInspect updates: GNU Bash... - HP Enterprise Business Community
    HPSR Software Security Content 2014 Update 3 - HP Enterprise Business Community
    Good luck

  • False positive for 16800: TCP: GNU Bash Remote Code Execution Vulnerability

    Dear Team, 
    in my customer, one of banking in brunei want to access several finance website such as www.iifm.net etc. Tipping point IPS blokec to access the website with report as a 16800: TCP: GNU Bash Remote Code Execution Vulnerability ( Low Severity). The site is normal and legal website. Our question is the several website is needed to access by our employee due to the dailiy working. Please advice 
    Best Regards
    Yudi

    @yuibagan 
    ‎Thank you for using HP Support Forum. I have brought your issue to the appropriate team within HP. They will likely request information from you in order to look up your case details or product serial number. Please look for a private message from an identified HP contact. Additionally, keep in mind not to publicly post ( serial numbers and case details).
    If you are unfamiliar with the Forum's private messaging please click here to learn more.
    Thank you,
    Omar
    I Work for HP

  • Skype - Intrusion Attempts GNU BASH

    As reported by Norton, something in Skype keeps attempting an so-called "GNU Bash".
    These intrusion attempts have just started today and originate from SKYPE.EXE. I am not actively Skyping with anyone, have not downloaded anything through Skype today, and have Skype minimized. I do have the ads partly blocked (cannot see them), but they are still possibly there and are likely the cause. There are likely some bad ads going around..
    Solved!
    Go to Solution.

    This is more than likely not Skype specific though in this case it sounds related to an infected advertisement.  The GNU Bash vulnerability has pretty much gone rampant online.  It doesn't have to be an advertisement and can be any user or Skype user attacking a range of IPs that their computer interacts with.  The only computers affected by that vulnerability are Linux/Mac users and similar devices that use Bash that haven't been patched.  Bash by default is not installed on OSX unless someone enables advanced Unix services.  That vulnerability would have no effect on a Windows user.  So if any of your contacts have Bash installed on a device/OS you might urge them to get it patched or to uninstal it, if not needed.

  • HP 4200 series Printer Drivers

    I am having a problem getting a new HP Deskjet F4280 to print. When I send a document to print, all the normal functions happen from selecting the number of copies , etc, and the print progress bar shows up and fills in but it never prints. The jobs completed shows whatever I send as completed with the time and date. I can get the Deskjet to Scan and Copy from the computer controls. I tried to find updated drivers at Apple.com for this printer but they are only there for OSX 10.5. Leopard.
    I have done the all steps HP online assistance has suggested but, do not have a solution yet. I have loaded the latest OSX drivers from the HP site and installed them. If I use the Printer Setup Utility to try to install it as a HP printer I am unable to find drivers, I presume because the printer is not listed (old listing of printers)
    I have now used the generic printer option in the Printer Setup Utility and have found I have a driver version 10.4 and PPD file version 1.0 listed.
    I go to "about this Mac" and look at the printer option, I now have installed:
    Deskjet F4200 series:
    Status: Idle
    Print Server: Local
    Driver Version: 10.4
    Default: Yes
    URI: usb://HP/Deskjet F4200 series?serial=CN8882D3VP05BR
    PPD: Generic PostScript Printer
    PPD File Version: 1.0
    PostScript Version: (2000.0) 1
    Can anyone tell me if this is the correct driver version I should have? Any idea what I need to do to get the printer to print?
    Thanks
    Ron

    OK, so I "think" you're installing driver version 9.7.1? - Yes
    In Print & Fax/Printer Setup, are you clicking on Default - which gives the default browser? - That's the main problem I think anyway. I cannot get the Print Browser selection window within the Printer Setup Utility to accept this printer so I can make it the default printer. If I go to the HP selection list, the Series 4200 or the drivers are not listed so I can't select the default printer.
    If I try the "Other" selection I am taken to my Documents folder and can get to all the other folders but I cannot find the printer and drivers in any subfolder.
    And the printer is connected by USB? Yes, I know that is working correctly as the install 9.7.1 program identifies the printer and gives the serial number when plugged in and turned an as directed
    Again - "generic" won't be useful in any way. I have found that to be very true.
    I don't understand what "the utility is not up to date" means here.
    What I mean is that when I select to "add a printer" I'm taken to the "Print Browsed " window where I hi-light the 4200 Series printer and make that selection. The Print Browser window tels me I have selected that printer and that is located at G4 (??? See below). I am then asked to select the printer or driver from the list provided in the drop down listings. I go to HP and the Series 4200 printer is not listed.
    Have you repaired permissions? (Disk Utility in Utilities) - Yes, every time I reinstall the 9.7.1 program.
    COULD the problem be that the printer is located at G4 instead of the Hard Drive? Just to make sure can you tell me how can I change the location to the Hard Drive ?
    Thanks
    Ron
    G4-867-DP

  • Why can't i install all in one printer 4200 series on my windows 7 home premium?

    I can't install my 4200 series all in one printer on windows 7 home premium 64 bit ? Help please?

    Sharon,
    Welcome to the HP Community Forum.
    sharond6941 wrote:
    I can't install my 4200 series all in one printer on windows 7 home premium 64 bit ? Help please?
    It would help a great deal if you could help explain a bit why you cannot install the software.
    Does the software not download?
    Can you not find your printer?  Do you not know what kind of printer you have?
    Are there errors during the installation?
    Can you provide any information to help us understand the situation?
    ========================================================
    Help and Instructions to Install the Full Feature Software for the Printer:
    Install Full Feature Software – Printer
    Click the Kudos Thumbs-Up to say Thank You!
    And...Click Accept as Solution when my Answer provides a Fix or Workaround!
    I am pleased to provide assistance on behalf of HP. I do not work for HP. 
    Kind Regards,
    Dragon-Fur

  • Contact Center Express GNU Bash vulnerability CSCur02861

    Cisco Security Advisory notes that Contact Center Express is affected by GNU bash vulnerability  [CSCur02861] . But this bug report is not public available. does anyone have information which versions are affected?

    8.0(2)SU5
    NO patch  as it has reached End of SW Maintenance Releases Date
    8.5(1)SU4
    http://software.cisco.com/download/release.html?mdfid=283625051&flowid=46059&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
    9.0(1)
    http://software.cisco.com/download/release.html?mdfid=284367996&flowid=46061&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
    9.0(2)SU2
    http://software.cisco.com/download/release.html?mdfid=284666782&flowid=46062&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
    10.0(1)SU1
    http://software.cisco.com/download/release.html?mdfid=285000761&flowid=49042&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest10.5(1)SU1
    http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
    10.5(1)SU1
    http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest

  • Cisco IPS 4200 Series Feature

    Does the Cisco IPS 4200 can support RADIUS for user authentication?
    Does the Cisco IPS 4200 can support SYSLOG for sending logging to outside?

    Are you kidding me? Then how do you explain
    the fact that security devices such as
    checkpoint and ASA firewalls are allowed
    authentication via tacacs/radius and you can
    send syslog back to a syslog server. Normally
    the information is got sent back via the
    Command and Control (C&C) interface which
    should be on a secure network in the first
    place.
    This is a limitation of the of the IDS itself.
    I have not tried version 5.x or 6.x yet but
    if they are similar to version 4.1, then
    they are nothing but a Linux box. You can
    "shell" into the box and install PAM on it
    so that you can use external authentication
    such as radius/tacacs or even LDAP.

  • IPS 4200 Series

    Hello Dears,
    I have fresh installed IPS 4200 in Inline interface pair mode, Uptill now i m not getting any packet drops or complains from users.
    What else to be done to configure IPS as a Professional setup for corporate Network.
    Thanks

    Now the hard work begins.
    Performing analysis on all medium and high severity signatures and performing these actions:
      Tuning the signatures - Recurring false positive signatures that fire should be adjusted down in severity of disabled (if completely useless)
                                     - Turning on packet captures to learn more about why a signature is fireing and help your analysis.
      Remediation - Once you've found an infected host inside your network, clean it.
                        - If the attack is from outside your network, discover how it is getting in and modify the means of access (Firewall, VPN, etc) to prevent future attack vectors.
    This should be plenty to get you started and keep you busy. Don't forget to rinse and repeat.
    - Bob

  • X220 IPS display backlight issue (with photos)

    Hello,
    I've purchased the Lenovo X220 laptop with the Premium HD IPS display and I do have a problem with it (see below).
    Laptop was purchased something like month ago and I've spotted this after I've started to work with it more heavily but after 14 days, so I was not able to return it to the seller (http://www.lenovoonline.cz).
    When you put backlight to maximum you see that the display is not evenly lighted and forming bright spots on the bottom of it. It's most noticable on the black background.
    I've sent notebook for repair (http://www.pcnet.cz) with this description (translated to english):
    "With maximum brightness set and the black display/background (eg. BOOT screen) on the bottom edge of the display there are visible white spots/maps. Small but visible and not even with different sizes. It's most visible on black background and while limiting external light (darker room, working in the night). Spots highlights even more when you try to pull the display towards you into steeper angle."
    The laptop has been in the repair for 2 weeks and the result was this description:
    "This kind of display is very sensitive to any pressure, and it will result in the brightening the place. It is specific for this model line and it's not the reason to warranty repair. We recommend to lower the brightness level in the darker room. Check of the display frame has been done and no problem has been found."
    Later they said they've replaced the panel too.
    However the issue still persists (see attached photos).
    Let me say few words about this:
    display is showing the spots while in rest I'm not touching it, if it's sensitive for pressure than it is indicating that there's some pressure on it while mounted in the frame
    I want to have backlight lighting the display evenly on the whole surface area, that's the correct function of a product anything else is NOT
    if they claim this is how it should be and it's actually a "feature" of the PREMIUM display then if I had known I would choose regular TN display and even save some money, needless to say that in that case the word PREMIUM sounds like a bad joke
    after lowering brightness level problem doesn't go away, still visible just gradually slightly less, depending on the brightness set
    if you are working in the night without external light this is VERY irritating
    So my question to you X220 community is, do you happen to have same issue?
    as they say it's "normal" with X220
    Thanks
    EDIT1:
    I've done a search now and it seems I'm not alone with this issue
    PS:
    I'm attaching two photos.
    First is the X220 (booted into GNU/Linux with X running and mouse as reference).
    Second is the very old Z60m (booted into Windows and running blank screensaver).
    Compare for yourself which one you would prefer.
    It was shooted in absolute dark (I'm used to work like that) with Canon EOS350D on tripod.
    There are some slight artifacts which you normally not percieve but anyway I think it clearly shows my point.
    X220
    Link to image 1
    Z60m
    Link to image 2
    Moderator note: images larger than 50k converted to links per forum rules: Lenovo Community Participation Rules

    Yes, at maximum brightness level the backlight bleeding is very visible but I use it at 5 or 6 level where it has excellent contrast ratio considering how crappy current notebook displays are in general. The uneven backlight is caused by fancy LED backlight which is still not able to deliver similar quality regarding uniformity as good old CCFL backlight (that's why professional LCD monitors still rely on W-CCFL backlight). But I agree that the top-left corner is way too much bad and might indicate that the panel is seated badly in the frame. On the other hand my old IPS panel in R51 also have backlight bleed at maximum brightness level.
    Major problem is that Lenovo is still not able to fix the stupid bug with brightness level always set to max in BIOS screen that the backlight bleeding is very visible and irritating everytime you boot your machine.
    IMHO, the X220 IPS panel is still much better than any ugly contrastless TN panel Lenovo puts into ThinkPads (except 15" FHD). I bet that you would hate the X220i TN panel more than this one
    There are also two different revisions of the IPS panel, the second one fixes problems with image retention. As for comparison with Z60m, X220 display lid is much more fragile so the panel is not protected well against pressures and flexes. In any case panel flex should affect the backlight bleeding temporarily only. If it persists it is subject to repair (replace, reseat etc.).
    Unfortunately I don't have any good low-light camera that takes useable pictures in dark environment so I can't post relevant images of the backlight bleeding.

  • Newer T Series models and Keyboard Issues

    I currently have a lemon of a T410 due to the flexing keyboard issues. At worst, certain keys do not work or produce random output at times due to the connector being compressed. I'm on my third keyboard now (and no longer under warranty).
    I have always loved the T series but I was wondering if the newer models (420, 430) have the same issues or how common it is. I wonder at times if I'm a heavier than normal typist, but this seems to be a common problem at least with the 410s. Is that the case with newer models? What about other Thinkpad series?
    Thanks in advance,
    kate

    I am sorry to hear with your trouble on the T410. In my household we have both a T400 and T420. The machines are used by people who I would consider heavy typists, and both machines are currently under warranty. The T400 keyboard was replaced once because a key fell off. They keyboard on the T420 was replaced once because an on-site repair tech damaged it. Outside of that, neither machine has had any keyboard issues. I do occasionally find that a key might stick, and then I use compressed air to blow out dust, dog hair, and other debris from under the keyboard. 
    When asking for help, post your question in the forum. Remember to include your system type, model number and OS. Do not post your serial number.
    Did someone help you today? Press the star on the left to thank them with a Kudo!
    If you find a post helpful and it answers your question, please mark it as an "Accepted Solution"! This will help others with the same question in the future.
    My TPs: Twist 2HU: i5-3317U Win 8 Pro, 4GB RAM 250GB Samsung 840 | T420 4177CTO: i5-2520M, HD+, Win 7 Pro x64, 8GB RAM, Optimus, 160GB Intel 320 SSD, Intel 6300 WiFi, BT 3.0 | T400 2764CTO: P8700, WXGA, Win 7 Ult x64, AMD 3470, 8GB RAM, 64GB Samsung SSD, BT, Intel 5300 WiFi | A20m 14.1" PIII 500 (retired). Monitors: 2x Dell U2211h IPS 100% sRGB calibrated w/ Spyder3.

  • Cisco 3560 GNU Bash Environment Variable Command Injection Vulnerability

    Does this model 3560 is affected by this vulnerability? If does are there any configuration is required to solve this Bash Code Injection Vulnerability issue? Thanks guys!

    I'm seeing things like this. Whenever I look up the victim IPs they resolve to Amazon servers. It looks like a false positive to me also.
    event_id = 1360033965674082135
    severity = high
    device_name = xxxxxxx
    app_name = sensorApp
    receive_time = 09/28/2014  06:32:59
    event_time = 09/28/2014 10:33:29
    sensor_local_time = 09/28/2014 06:33:29
    sig_id = 4689
    subsig_id = 1
    sig_name = Bash Environment Variable Command Injection sig_details = CVE-2014-6271 sig_version = S824 attacker_ip = xxx.xxx.xxx.xxx attacker_port = 50986 attacker_locality = OUT victim_ip = 54.204.5.190 victim_port = 80 victim_os = unknown unknown (relevant) victim_locality = OUT summary_count = 0 initial_alert_id = summary_type = is_final_alert = interface = GigabitEthernet0/1 vlan = 0 virtual_sensor = vs0 context = bGVicml0eWJhYmllcy5wZW9wbGUuY29tJTdDYWlkJTNEMjA4OTQ1JTdDY2glM0RiYWJpZXMlN0NzY2glM0RuZXdzJTdDcHR5cGUlM0Rjb250ZW50JTdDY3R5cGUlM0RibG9nJTdDcGFnZSUzRDElN0NzdWJqJTNEYmFiaWVzJTJDa2FueWUtd2VzdCUyQ2tpbS1rYXJkYXNoaWFuJTJDbmV3cyU3Q2NlbGViJTNEJTdDdW5pcXVlJTNEZnVuY3Rpb24rKCkrJTdCJTBBKysrKysrKysrKysrdmFyK2ErJTNEKyU1QiU1RCUyQ2srJTNEKzAlMkNlJTNCJTBBKysrKw==$
    actions = droppedPacket+deniedFlow+tcpOneWayResetSent
    alert_details = InterfaceAttributes:  context="single_vf" physical="Unknown" backplane="GigabitEthernet0/1" ; risk_rating_num = 100(TVR=medium ARR=relevant) threat_rating = 65 reputation = protocol = tcp

  • HP Photosmart series 7510 wireless printer issue

    I have a  HP Photosmart series 7510 wireless printer.   
    My laptop is an HP Pavillion Entertainment PC dv9700.
    I am running Vista Home Premium with Service Pack 2.
    The printer stopped responding when I attempt to print something from the laptop, such as a web page or document.  When I print a diagnostic page it goes and responds right away. 
    Any ideas of what I may try.  When I set up a regular print job it just stays in the que and does not print.
    Thank in advance.

    Hello szwonders,
    I am sorry to hear you are having an issue with printing with your Photosmart 7510. Thank you for your information.
    I would like to help you.
    I recommend Resetting your Printer first, to see if that helps.
    Also, I recommend running HP's Print and Scan Doctor for Windows to search the driver and software to see if there are any issues.
    Please respond to let me know if this helped or if you have any other questions!
    Thanks,
    R a i n b o w 7000I work on behalf of HP
    Click the “Kudos Thumbs Up" at the bottom of this post to say
    “Thanks” for helping!
    Click “Accept as Solution” if you feel my post solved your issue, it will help others find the solution!

Maybe you are looking for

  • Change Alternative Item Quantity in Production  Order BOM

    Hi Gurus, I woould like to ask how can I make the Alternative item quantity to become editable. As of now, the system will calculate the percentage in the BOM and default it in the Production order. Now I have a requirement that in the Production ord

  • Restoring Library with Backup

    Hi, I'm afraid this is an old and recurrent theme, but having had a good read of lots of older posts I just can't get this fixed. I did an Erase and Install and am now running 10.4.6. I used Backup to save all my home folders including about 8GB of p

  • Can anyone help with this error? ;At line 102 of file"C:/Program files (x86)/Macromedia/Dreamweaver

    Can anyone help with this error please?;At line 102 of file"C:/Program files (x86)/Macromedia/Dreamweaver 8/Configuration/Objects/Common/Images.js"; TypeError: cmdDOM.parentWindow.setFormItem is not a function

  • Error message "Quantity could not be converted from GA to"

    Error message "Quantity could not be converted from GA to" gets displayed when i update any condition value/type ZMET in VA02 transaction. Where we need to maintain "Alternative unit of measure for the material" Plz do the needful. Points rewarded Re

  • Q10 display won't reduce size after expanding

    When I swipe the display to view other apps or swipe to enlarge something on screen, the problem is realized when I try to pinch or swipe it back to the original size display. Sometimes it would work, but now, nothing reduces it and I have to turn of