Hi Everyone,
We have tested that the new IPS patterns on the Up2Date server are fixed and working.
If your system is affected there are two ways to get the updated and fixed patterns:
1) WebAdmin (the preferred way)
- login to WebAdmin via https://YOUR_ASG_IP:4444
- go to left menu item “Network Security”
- go to sub menu item “Intrusion Prevention”
- disable the IPS system (if not already done)
- go to the last tab “Advanced”
- click on the green “+” sign under “Modified rules”
- enter under “Rule ID”: 15851 and check “Disable this rule”
- click “Save”
- click again on the green “+” sign under “Modified rules”
- enter under “Rule ID”: 16576 and check “Disable this rule”
- click “Save”
- go back to the first tab and activate the IPS system again
This will fix the problem and install the new IPS pattern.
PLEASE NOTE: Depending on the speed and workload of your ASG it can take a minute!
2. Command line (only for experienced users)
- login via SSH or local on console
- become "root"
- enter "echo 1 > /proc/net/nf_condition/ips"
That's all and will do the following:
* it will bypass completely the IPS system on lowest level (ASG is online then), independent if IPS is activated or deactivated on WebAdmin
* the new IPS pattern will be fetched and installed
* the next IPS pattern update we will provide later today will remove this bypass automatically and the ASG works like configured (with new pattern)
If your ASG uses ACC as an Up2Date cache: do the same above for these ASGs if there are affected. There is no todo on ACC.
If your ASG is not and was not affected, because IPS was turned off last 8 hours or not online and therefore didn't fetched the corrupt pattern then there is no action needed. The old, corrupt patterns are removed from the Up2Date server. It is safe the activate IPS now and set the ASG online again to fetch IPS pattern.
We are very sorry for this inconvenience.
Best regards,
Dominic Schmidl
This thread was automatically locked due to age.
