Cisco Cisco IPS 4255 Sensor
36
Release Notes for Cisco Intrusion Prevention System 7.0(4)E4
OL-22789-01
Resolved Caveats
sensor(config-hos)#
Troubleshooting Password Recovery
To troubleshoot password recovery, pay attention to the following:
•
You cannot determine whether password recovery has been disabled in the sensor configuration
from the ROMMON prompt, GRUB menu, switch CLI, or router CLI. If password recovery is
attempted, it always appears to succeed. If it has been disabled, the password is not reset to cisco.
The only option is to reimage the sensor.
from the ROMMON prompt, GRUB menu, switch CLI, or router CLI. If password recovery is
attempted, it always appears to succeed. If it has been disabled, the password is not reset to cisco.
The only option is to reimage the sensor.
•
You can disable password recovery in the host configuration. For the platforms that use external
mechanisms, such as the AIM IPS and NME IPS bootloader, ROMMON, and the maintenance
partition for the IDSM2, although you can run commands to clear the password, if password
recovery is disabled in the IPS, the IPS detects that password recovery is not allowed and rejects the
external request.
mechanisms, such as the AIM IPS and NME IPS bootloader, ROMMON, and the maintenance
partition for the IDSM2, although you can run commands to clear the password, if password
recovery is disabled in the IPS, the IPS detects that password recovery is not allowed and rejects the
external request.
•
To check the state of password recovery, use the show settings | include password command.
•
When performing password recovery on the IDSM2, you see the following message:
Upgrading
will wipe out the contents on the storage media
. You can ignore this message. Only the
password is reset when you use the specified password recovery image.
For More Information
•
For more information on reimaging sensors, refer to
•
For the procedure for disabling password recovery, see
.
•
For the procedure for verifying the state of password recovery, see
Resolved Caveats
The following known issues have been resolved in the 7.0(4)E4 release:
•
CSCta45869—Enhance SMB-A Engine Functionality
•
CSCta96144—sensorApp terminates with core in updateTime (version 7.x)
•
CSCtb19915—Possible Reassembly Problem with SMB-Advanced Engine
•
CSCtb39179—SensorApp fails in TcpRootNode::expireNow()
•
CSCtg73897—SendAckLimiter: repair ReportInterval issue and improve stats collection
•
CSCtf04660—IPS: crash in Anomaly Detection getLearnedKnowledgeBase
•
CSCtg22175—fast retransmit ACK swaps mac address for multicast traffic
•
CSCtf78755—Too many event action filters corrupt rules0.xml and causes failure
•
CSCsy93579—SensorApp becomes memory critical over time.
•
CSCtg86008—Error message after running “show tech-support” or “cidDump”
•
CSCsz19556—7280.0 does not reliably alert