USG Flex 700 - how to discover IPS signature for allow list
We've got a new IP surveillance camera installed in our premises. To access it from outside, different NAT rules and Security Policies have been created. Unfortunately the IPS service blocks the RTSP connection to that camera, while other RTSP streams to other cameras are working fine.
The USG log is showing: SSI:N [type:Sig(116783)] VLC Media Player RTSP Plugin Stack Buffer-Overflow Action:Reje
When disabling the IPS service we have access to that camera, too. But it's not a solution to switch-off the IPS service permanently.
How can we discover the affected signature of the RTSP stream in order to add it to the IPS Allow List? Should we simply use the signature number listed in the Zyxel Link (116783) of the log entry?
All Replies
-
Just add the Signature ID into the IPS allow list.
0 -
Hi @USG_User ,
IPS allow list is at CONFIGURATION > Security Service > IPS > Allow list.
0 -
I've done it and it works. Thanks
But I'm a little bit concerned that we have to set this threat ID to the allow list since this ID is originally intended for "VLC Media Player RTSP Plugin Stack Buffer-Overflow" and not for ordinary RTSP camera streams.
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 148 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight