Is it recommend to have a vulnerability scan for Cisco ASA device.

Similar Messages

• Error while scanning for Serial-ATA devices.

  There was an error while scanning for Serial-ATA devices. I'm not sure how to trouble shoot this. I believe a secondary drive in bay 2 died.

  I also have just began to hit this issue.
  I have 4 2T enterprise class WD drives in a raid 1+0 (or was it 0+1) config.
  Device Model: WDC WD2002FYPS-01U1B1
  One disk (disk0 in bay 2) keeps disappearing. Completely. /dev/disk0 and /dev/rdisk0 vanish.
  If I look at "about this mac" / "More Info" / "Serial-ATA" I get the "error while scanning ...".
  If I reboot, the offending disc comes back and the raid volumes start rebuilding.
  The SMART status is (reported to be) fine.
  I use the 'smartmon' tools and look at the extended SMART status and the values of the counters all looks the same as the other drives. I can run an extended offline test, which takes forever to execute. disk 1 and 3 eventually finish with success (it writes this status into a SMART log area on the disc).
  Disk 2 and 0 take longer. I image this is because 2 is being read to resilver 0. Currently, I am running with disk0 absent again, and disk 2s test did not complete. It claims it was aborted by the host, so I imagine the one on disk0 will claim the same after I reboot.
  My system is under extended AppleCare until 16 Jan 2011, so if I can determine that this is a disc controller error, I can get it fixed. The drives have a 5 year warrantee, and are less than 1yr old, so they are covered. I just need to figure out what the issue is.
  I will now reboot and recover disk0 and see if perhaps there is anything recorded in the SMART log.
  There is nothing in kernel.log specific to disk0. I include the log extract here for posterity. The "speed" volume is not raid 0+1, just striped, which is why it gets aborted.
  Dec 21 23:30:26 8way kernel[0]: AppleRAID::restartSet - restarting set "sys_2" (C398B450-28A3-4C1D-A6A8-5B617661789D).
  Dec 21 23:30:26 8way kernel[0]: AppleRAIDMirrorSet::rebuild complete for set "sys_2" (C398B450-28A3-4C1D-A6A8-5B617661789D).
  Dec 22 04:17:22 8way kernel[0]: AppleRAID::restartSet - restarting set "usr_2" (4EA5DD68-D6D0-4CF3-A741-BFBC5ECE8A76).
  Dec 22 04:17:22 8way kernel[0]: AppleRAIDMirrorSet::rebuild complete for set "usr_2" (4EA5DD68-D6D0-4CF3-A741-BFBC5ECE8A76).
  Dec 22 05:23:16 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:23:30 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 9722C38E-DFF9-468F-8DE5-809432493168
  Dec 22 05:23:44: --- last message repeated 1 time ---
  Dec 22 05:23:44 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:24:14: --- last message repeated 4 times ---
  Dec 22 05:24:19 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:24:56: --- last message repeated 2 times ---
  Dec 22 05:24:56 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:25:17: --- last message repeated 1 time ---
  Dec 22 05:25:17 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 9722C38E-DFF9-468F-8DE5-809432493168
  Dec 22 05:25:31: --- last message repeated 1 time ---
  Dec 22 05:25:31 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on EB932B0E-8476-480C-BBD4-53A9A77D9FEF
  Dec 22 05:25:45: --- last message repeated 1 time ---
  Dec 22 05:25:45 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:26:15: --- last message repeated 2 times ---
  Dec 22 05:26:21 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:26:51: --- last message repeated 4 times ---
  Dec 22 05:27:12 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:27:33: --- last message repeated 1 time ---
  Dec 22 05:27:26 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 9722C38E-DFF9-468F-8DE5-809432493168
  Dec 22 05:27:40: --- last message repeated 1 time ---
  Dec 22 05:27:40 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:28:24: --- last message repeated 1 time ---
  Dec 22 05:28:24 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 9722C38E-DFF9-468F-8DE5-809432493168
  Dec 22 05:28:39: --- last message repeated 1 time ---
  Dec 22 05:28:39 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25
  Dec 22 05:29:14 8way kernel[0]: AppleRAID::completeRAIDRequest - error 0xe00002ca detected for set "usr_2" (4EA5DD68-D6D0-4CF3-A741-BFBC5ECE8A76), member 3C6E9EA4-831A-4
  57A-8CA5-6E7E9CBEED25, set byte offset = 222462894080.
  Dec 22 05:29:14 8way kernel[0]: AppleRAID::recover() member 3C6E9EA4-831A-457A-8CA5-6E7E9CBEED25 from set "usr_2" (4EA5DD68-D6D0-4CF3-A741-BFBC5ECE8A76) has been marked
  offline.
  Dec 22 05:29:14 8way kernel[0]: AppleRAID::restartSet - restarting set "usr_2" (4EA5DD68-D6D0-4CF3-A741-BFBC5ECE8A76).
  Dec 22 05:32:38 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 9722C38E-DFF9-468F-8DE5-809432493168
  Dec 22 05:33:22: --- last message repeated 1 time ---
  Dec 22 05:33:22 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 9722C38E-DFF9-468F-8DE5-809432493168
  Dec 22 05:34:06: --- last message repeated 1 time ---
  Dec 22 05:34:06 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002ca on 9722C38E-DFF9-468F-8DE5-809432493168
  Dec 22 05:34:53: --- last message repeated 1 time ---
  Dec 22 05:34:53 8way kernel[0]: AppleRAID::completeRAIDRequest - error 0xe00002ca detected for set "sys_2" (C398B450-28A3-4C1D-A6A8-5B617661789D), member 9722C38E-DFF9-4
  68F-8DE5-809432493168, set byte offset = 35194773504.
  Dec 22 05:34:53 8way kernel[0]: AppleRAID::recover() member 9722C38E-DFF9-468F-8DE5-809432493168 from set "sys_2" (C398B450-28A3-4C1D-A6A8-5B617661789D) has been marked
  offline.
  Dec 22 05:34:53 8way kernel[0]: AppleRAID::restartSet - restarting set "sys_2" (C398B450-28A3-4C1D-A6A8-5B617661789D).
  Dec 22 05:37:24 8way kernel[0]: AppleAHCIDiskQueueManager::setPowerState(0x13d64500, 2 -> 1) timed out after 100113 ms
  Dec 22 05:37:44 8way kernel[0]: Failed to issue COM RESET successfully after 3 attempts. Failing...
  Dec 22 05:37:44 8way kernel[0]: AppleRAIDMember::synchronizeCacheCallout: failed with e00002be on EB932B0E-8476-480C-BBD4-53A9A77D9FEF
  Dec 22 05:37:44 8way kernel[0]: AppleRAID::recover() member EB932B0E-8476-480C-BBD4-53A9A77D9FEF from set "speed" (190EC75B-C702-4481-ABCF-8C5A0D54BBE0) has been marked
  offline.
  Dec 22 05:37:44 8way kernel[0]: AppleRAID::restartSet - restarting set "speed" (190EC75B-C702-4481-ABCF-8C5A0D54BBE0).
  Dec 22 05:37:44 8way kernel[0]: disk4: media is not present.
  Dec 22 05:37:59 8way kernel[0]: speed::terminate(kIOServiceSynchronous) timeout
  Dec 22 05:37:59 8way kernel[0]: AppleRAID::completeRAIDRequest - underrun detected, expected = 0xa000, actual = 0x9e00, set = "speed" (190EC75B-C702-4481-ABCF-8C5A0D54BB
  E0)
  Dec 22 05:37:59 8way kernel[0]: disk4: data underrun.
  Dec 22 05:37:59 8way kernel[0]: jnl: disk4: dojnlio: strategy err 0x5
  Dec 22 05:37:59 8way kernel[0]: jnl: disk4: end_transaction: only wrote 0 of 40960 bytes to the journal!
  Dec 22 05:37:59 8way kernel[0]: disk4: media is not present.
  Dec 22 05:38:00 8way kernel[0]: jnl: disk4: close: journal 0x13f34e04, is invalid. aborting outstanding transactions

• Can anyone provide me details and fix for Shell Shock vulnerability for Cisco ASA version 5?

  We came to know frm our compliance team that we are running into shell shock vulnerabity therefore wanted to know the fix and document..

  Hi James,
  We do have a PSIRT filed for shell shock vulnerability, please refer details below:
  CSCur00511    ACS evaluation for CVE-2014-6271 and CVE-2014-7169
  https://tools.cisco.com/bugsearch/bug/CSCur00511/?reffering_site=dumpcr
  Here is the fixed code information for individual versions:
  Fixed Code:
  Patch for DDTS CSCur00511 is ready and available on CCO.
  The patch is included in all cumulative patches from version 5.4.0.46.7/5.5.0.46.6/5.6.0.22.1 and later. We recommend that you download the latest cumulative patches.
  Download from: CCO / Support / Download Software http://www.cisco.com/cisco/pub/software/portal/select.html?i=!y
  Select: Security / Identity Management / Cisco Secure Access Control System / Cisco Secure Access Control System 5.4 / 5.4.0.46.0
  Patch filename: 5-4-0-46-.tar.gpg
  Readme and installaion instructions: Acs-5-4-0-46--Readme.txt
  Download from: CCO / Support / Download Software http://www.cisco.com/cisco/pub/software/portal/select.html?i=!y
  Select: Security / Identity Management / Cisco Secure Access Control System / Cisco Secure Access Control System 5.5 / 5.5.0.46
  Patch filename: 5-5-0-46-.tar.gpg
  Readme and installaion instructions: Acs-5-5-0-46--Readme.txt
  Download from: CCO / Support / Download Software http://www.cisco.com/cisco/pub/software/portal/select.html?i=!y
  Select: Security / Identity Management / Cisco Secure Access Control System / Cisco Secure Access Control System 5.6 / 5.6.0.22
  Patch filename: 5-6-0-22-.tar.gpg
  Readme and installaion instructions: Acs-5-6-0-22--Readme.txt
  Download from: CCO / Support / Download Software http://www.cisco.com/cisco/pub/software/portal/select.html?i=!y
  Select: Security / Identity Management / Cisco Secure Access Control System / Cisco Secure Access Control System 5.3 / 5.3.0.40
  Patch filename: 5-3-0-40-.tar.gpg
  Readme and installaion instructions: Acs-53-Readme.txt
  Regards,
  Tushar Bangia
  Please do rate the post if you find it helpful!!

• HT1338 Does Apple have a virus scan for recent malware?

  I am concerned that Adobe Updates are showing up on my dock bar at the bottom of my screen and I do not know how to ensure I am not being infected.

  If they are coming from the dock, it is most likely that it is the
  real Adobe updater.  The malware only presents itself when
  visiting a malicious website.
  You can verify this by opening the Flash Player panel in
  Preferences or checking the Adobe Updater which is usually found
  in Applications->Utilities->Adobe Utilities.
  Also, install the latest Java update for your computer which
  now also contains a malware removal tool.

• HT1911 My daughters ipod has been disabled and I just want to reset password for the ipod not itunes account.  We have one itunes account for all our devices (so I can control what they purchase).

  Why is itunes so difficult to navigate around?

  You will need to connect the iPod to a computer's iTunes, and you may need to put it into recovery mode : http://support.apple.com/kb/ht1808 - you should then be able to reset the iPod and restore / resync the content to it.
  If it's done via computer that it hasn't been synced to, and therefore doesn't have a backup on it, then from http://support.apple.com/kb/HT1212 :
  If you restore on a different computer that was never synced with the device, you will be able to unlock the device for use and remove the passcode, but your data will not be present.

• CISCO ASA RECOMMENDATION

  Dears,
  Please provide a recommendation for CISCO ASA as below
  Firewall + Licenses with function below:
  - Work as proxy server
  - Load Balancer
  - Router with support at least 4 server.

  Anyone? ??
  Sent from Cisco Technical Support Android App

• MARS 6.1 and vulnerability scans

  Hey guys,
  I'm looking at getting the MARS 55 k9 6.1 and was wondering about the vulnerability scan tools in MARS.
  1. Are there any?
  2. What are they?
  3. What are the scheduling options?
  If MARS 6.1 doesn't have anything native can it work with something else?
  Thanks,
  Brent

  The following three security suites are supported in MARS:
  http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.0/compatibility/local_controller/dtlc60x.html#wp75289
  MARS has a built-in Nessus scanner, but its only meant for internal use (reducing false alarms by having more meaningful information about the attacker/victim like OS/services etc.) You cannot invoke this scanner yourself.
  Regards
  Farrukh

• I have a 2012 iMac, running OS X Yosemite 10.10.2. Is there any way to scan for malware without buying a program?

  I have a 2012 iMac, running OS X Yosemite 10.10.2. Is there any way to scan for malware without buying a program?

  Have you been having some problems that make you think you may have malware installed?
  Download and run Etrecheck.  Copy and paste the results into your reply. Etrecheck is a diagnostic tool that was developed by one of the most respected users here (and recommended by Apple Support personnel) in the ASC to help identify the more obvious culprits that can adversely affect a Mac's performance.

• Penetration & Vulnerability Scan

  Specialist service really, get a specialist in
  Kali linux had a bunch of good tools
  Burpsuite also worth looking at

  What do people recommend for tools/services for doing an external pentration/vulnerability scan that doesn't break the bank? (like hiring an Ethical Hacker.)
  This topic first appeared in the Spiceworks Community

• List of Rules vs Severity and Vulnerability Scanning

  G'day Gurus,
  Environment: CS-MARS 6.0.6 (3368)
  I can find the list of rules defined in CS-MARS:
  http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.0/user/guide/combo/appMars.html
  Can I generate a report where I can see the list of rules and severity define to each rules when it trigerred?
  Also how can I run a vulnerability scan on a host from CS-MARS?
  Cheers,
  Ahmed.

  Hi Aetius,
  Yeah, they're the two methods I'm familiar with in the portal to do something like what you're saying automatically: either do it in the sync from source to MV or apply a workflow in the Portal.
  The general idea with the workflow method would be to have a set called something like "Users With Address" and scope it to only users with the address attribute. Have a transition-in MPR that looks at that set and fires off a workflow when a user enters
  that set. There are a lot of options when it comes to how to implement the workflow. You can write your own custom workflow/s. There are some good tutorials by Ross Currie around that http://www.fimspecialist.com/fim-portal/custom-workflow-examples/ and
  there are some that have already been built by Soren Grandfeldt http://fimactivitylibrary.codeplex.com/.
  So if you leave the workflows for a sec, all the associated data about what will be populated if the address is x can be loaded into the portal by creating a custom object type and then adding them all in one by one. You can probably script the part of actually
  adding the data. Or even the custom object type creation if you want. So then you have a central place where that information is all together.
  With the workflow when it's triggered, using the workflows that are floating around the internet you should be able to read the attribute off the user and then lookup the value in the list of custom objects and then update the other attributes of the user,
  City, Post Code, Country using the lookup value. You kind of chain the custom workflows together and pass data from one to other.
  You do need to be careful when you do this sort of thing though. The FIM event queue can get pretty clogged up if you have a huge amount of users in the set and it's trying to process all of these users at once. When you're testing probably better to apply
  the MPR to a manual set and add users one or a few at a time and see how it handles it.

• I heard that there was a problem with Apple being vulnerable to Hackers. Has anyone seen an update for this issue? My IPad received the update last night but I have not seen anything for Safari.

  I heard that there was a problem with Apple being vulnerable to Hackers. Has anyone seen an update for this issue? My IPad received the update last night but I have not seen anything for Safari.

  Mac OS X 10.9.2 was released today for this issue and others. Earlier versions are not affected.
  See this Apple article - http://support.apple.com/kb/HT6114
  You can use the Mac app store to do the update or download it directly from here - http://support.apple.com/kb/DL1725
  Best of luck.

• Why is it recommended to have a separate PeopleSoft ID for starting Application Server in PeopleSoft

  HI,
  Why is it recommended to have a separate PeopleSoft ID for starting Application Server in PeopleSoft

  Hello:
  You can put the JS function into the HTML Header section of the Page defintion.
  <script>
  function doDelete(id) {
  $x('P14_DEL_ID').value=id;
  doSubmit('DELETE');
  </script>Define a new page process whose process point is 'On Submit: After Computations and Validations'. For the Process Source specify
  Delete from <table> where key_column=:p14_del_id;Under Conditional Processing select 'Request=Expression 1'. For Expression 1 specify 'DELETE'
  Hope this helps.
  Varad

• I keep getting window up saying urgent update recommending download, but when i do try, all i get is a blue and white bar moving . i have left it run for hours and nothing happens. what is it?

  i downloaded new FF 2 weeks ago. Since then i keep getting update window coming up every day highly recommending i update but when i try, nothing happens except blue/white moving bar at top of window. i have left it run for hours and no progress, so i close it. The next time I open FF, it appears again and again same happens.
  If there is an urgent update, how urgent is it if I cannot download it.It's worries me that i can,t load it and how it might affect my security.

  It would be a great idea to uninstall Norton - you don't need it and it has a pretty poor reputation for mucking up otherwise healthy Macs.
  Have a look at this User Tip from klaus1: https://discussions.apple.com/docs/DOC-2435
  To uninstall Norton:
  https://support.norton.com/sp/en/us/home/current/solutions/kb20080427024142EN_En dUserProfile_en_us
  Edit: To see whether you actually have Norton installed launch Activity Monitor in the Utilities folder. If it's installed you'll likely see some Norton entries there.
  Also, in System Preferences>Users & Groups or Accounts, depending on OS)>Login Items, it might be listed.

• MARS and Qualys vulnerability scanning integration

  What does adding Qualys vulnerability scan data to MARS allow MARS, help MARS to do?
  Does it help MARS identify an alert as a false positive in the context of a host which Qualys says isn't vulnerable OR does it do something else like when the Qualys data is retrieved simply listing each vulnerability as an incident?

  My understanding was the Qualys would inform MARS if a system was really vulnerable or not based on it's (the qualys box) information of the situation.
  http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.0/device/configuration/guide/cfgVulAs.html
  Erric

• Unable to burn cds. Have run diognostics. i tunes not running in safe mode. invalid lower filters registry value. Failed while scanning for CD/DVD drives, error 2500. Please help.

  Unable to burn CDs using i tunes. Have run diognostics.    Summary:-   i tunes not running in safe mode.
                                                                                                                                      Invalid lower filters registry value.
                                                                                                                                      Failed while scanning for CD/DVD drives, error 2500
  Please help.

  That's why you want to make a backup of the registry. If you didn't make a backup, use MS system restore to go back. The only values you should remove are UpperFilter or LowerFilter - one or both may be in there and can be removed. If neither value exists, then that is probably why you can't burn and Windows is not recognizing your drive as a writable drive.
  ... an HP employee expressing his own opinion.
  Please post rather than send me a Message. It's good for the community and I might not be able to get back quickly. - Thank you.