Guest

Preview Tool

Cisco Bug: CSCvt91280 - TG appliance iptables MASQUERADE rule does not block traffic from 169.250.0.0/16 network

Last Modified

Jun 08, 2020

Products (1)

  • Cisco AMP for Endpoints

Known Affected Releases

2.10 2.7 2.7(1) 2.7(2) 2.8 2.9

Description (partial)

Symptom:
When some specific samples are executed in virtual machine of Threat Grid appliance, the iptables MASQUERADE rule  is not able to block traffic from 169.250.0.0/16 network.
User may see outbound traffic from Dirty interface from 169.250.0.0/16 network

Conditions:
Some samples which generates spurious FIN/RST packets from 169.250.0.0/16 network for already-closed connections
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.