Status update and instructions how to fix it:
- a new, fixed IPS pattern version is on all Up2Date servers
- currently we see that the affected machines are not able to fetch this
new IPS pattern update
- please fix the issue by login the WebAdmin via https://YOUR_ASG_IP:
- go to left menu item “Network Security”
- go to sub menu item “Intrusion Prevention”
- go to the last tab “Advanced”
- click on the green “+” sign under “Modified rules”
- enter under “Rule ID”: 15851 and check “Disable this rule”
- click “Save”
- click again on the green “+” sign under “Modified rules”
- enter under “Rule ID”: 16576 and check “Disable this rule”
- click “Save”
This will remove the broken rules but IPS is still activated.
The new pattern update will be installed within minutes.
Please do NOT deactivate IPS, because then the new IPS rules will not be
fetched and installed.
quelle:http://www.astaro.org/astaro-gateway-products/network-security-firewall-nat-qos-ips-more/31636-critical-astaro-stopped-working-disable-intrusion-protection.html
and if not working with the gui, disable IPS:
login to the gui with root rights:
cc [ENTER]
ips [ENTER]
status$ [ENTER]
=0 [ENTER]
-steven
Pascal Gloor wrote:
it seems that some customers calling in with performance problems.
we've noticed that those customers are using astaro-firewalls.
Performance issue seems to be, no connection at all.
Yet again a fantastic FAIL of an ALL-IN-ONE-CAN-ALSO-DO-COFFEE firewall.
Workaround is to disable the IDS and wait for ASTARO to submit a new IDS
signature update.
Pascal
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
