Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000037643 - How to enable ping for business critical applications on RSA NetWitness devices

Document created by RSA Customer Support

on Jul 11, 2019

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000037643
Applies To	RSA Product Set: NetWitness Logs & Network RSA Product/Service Type: Core Appliance RSA Version/Condition: 11.1.0, 11.2.1.0, 11.3.x
Issue	Business utilizes monitoring with the use of ping and ICMP. When business monitoring has priority over the risk of a denial of service attack you can adjust ip_tables to allow ping.
Resolution	SSH into the NetWitness device Edit the following file /etc/sysconfig/iptables-config and set IPTABLES_SAVE_ON_STOP="yes" IPTABLES_SAVE_ON_RESTART="yes" Run the following command to add to iptables rules: iptables -I INPUT 1 -p icmp -j ACCEPT Restart or stop and start iptables service: service iptables stop service iptables start Or service iptables restart
Notes	Additional RSA community discussion on this subject can be found at the link below: https://community.rsa.com/thread/196950

Attachments

Outcomes

0 Comments

Recommended Content