TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
Lira's are Euros now :) But seriously, has the memory leak been reported to support? Are they doing anything about it? Stephen >>> "Slighter, Tim" <[EMAIL PROTECTED]> Monday 08, July, 2002 23:02:26 >>> I kind of did things the other way around. I kept the 6.5 console and ran the upgrade utility. As a result of this, all of the signatures from the 7.0 including the XPU are now in the policy for the 6.5 sensor. In addition to that, the evidence logging feature is available and it does work. The biggest issue to date that we have witnessed for the Windows 2000 network sensor version 7.0 is that there is a major memory leak and the sensor and/or console crashes every so often. That's about all I have to say for my 1 lira's worth -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, July 05, 2002 8:09 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Realsecure 6.5 - 7.0 No policy migration path? TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- I tried to derive a new 7.0 policy based on one of my old 6.5 policies. It sort of worked. I contacted Tech support to be sure that this type of import was adequate. Their response was that because 7.0 was a completely new architecture I would have to create new 7.0 polcies from scratch. They do provide a policy dumper utility so that you can dump your old policy to a spreadsheet and to look at while developing your new 7.0 policy. I also found that the new signatures included in the SR for Server Sensor did not appear unless I developed a new policy for 6.5. The import of my 6.0 policy to 6.5 doesn't recognize the new signatures. A big pain. I can tell you though that the work does seem to be worth it. The new 7.0 signatures seem to be much better (fewer false positives, etc). -Wade -----Original Message----- From: Richard Culshaw [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 03, 2002 6:56 PM To: Stephen Cooper; [EMAIL PROTECTED] Subject: RE: Realsecure 6.5 - 7.0 No policy migration path? TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- Hi there, what I found I could do was derive a new policy based on one of the old policies. The new policy would be 7.0 compliant but it would have most of the 6.5 settings including the filters etc. that you had set... That way you can migrate all the old settings basically FYI Richard -----Original Message----- From: Stephen Cooper [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 3 July 2002 8:01 PM To: [EMAIL PROTECTED] Subject: Realsecure 6.5 - 7.0 No policy migration path? TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- I am having massive problems trying to import my NT based Network Sensor 6.5 Policies to my new W2K Network Sensor 7.0 systems. SiteProtector cant do it at all, it simply rejects my old policies when trying to apply them to V 7 sensors. The WorkGroup Manager sort of imports it, but applies the policy to the 7 sensor as if its a 6.5 sensor and you see no new decodes. I cant believe there is no migration path and I have to recreate my NS 7 policies from the beginning. Has anybody had the same experience, or advice they can offer? Stephen Cooper, CISSP Senior Security Analyst Security & Architecture Group Information Technology Services Bank for International Settlements Voice: +41 61 2806792 Fax: +41 61 2809100 DISCLAIMER: Any e-mail messages from the Bank for International Settlements are sent in good faith, but shall not be binding nor construed as constituting any obligation on the part of the Bank. CONFIDENTIALITY NOTICE: This e-mail contains confidential information, which is intended only for the use of the recipient(s) named above. If you have received this communication in error, please notify the sender immediately via e-mail and return the entire message. Thank you for your assistance.
