Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual page 125

Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
78-16527-01

Chapter 7
Defining Signatures
Configuring Signatures

low—Low level alert.
informational—Informational alert. This is the default.

To configure the alert severity, follow these steps:

Step 1
Log in to the CLI using an account with administrator or operator privileges.

Step 2
Enter signature definition submode:
sensor# configure terminal
sensor(config)# service signature-definition sig0

Step 3
Choose the signature you want to configure:
sensor(config-sig)# signatures 9000 0

Step 4
Assign the alert severity:
sensor(config-sig-sig)# alert-severity medium

Step 5
Verify the settings:
sensor(config-sig-sig)# show settings
<protected entry>
sig-id: 9000
subsig-id: 0
-----------------------------------------------
alert-severity: medium default: informational
sig-fidelity-rating: 75 <defaulted>
promisc-delta: 0 <defaulted>
sig-description
-----------------------------------------------
sig-name: Back Door Probe (TCP 12345) <defaulted>
sig-string-info: SYN to TCP 12345 <defaulted>
sig-comment: <defaulted>
alert-traits: 0 <defaulted>
release: 40 <defaulted>
-----------------------------------------------
engine
-----------------------------------------------
atomic-ip
-----------------------------------------------
event-action: produce-alert <defaulted>
fragment-status: any <defaulted>
specify-l4-protocol
-----------------------------------------------
--MORE--

Step 6
Exit signatures submode:
sensor(config-sig-sig)# exit
sensor(config-sig)# exit
Apply Changes:?[yes]:

Step 7
Press Enter to apply the changes or type no to discard them.
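
The verification in Step 5 can be run over captured output when many signatures are tuned. The following Python is an added example, not part of the Cisco guide: it parses show settings text and lists the settings that differ from their defaults. The names parse_settings and overridden are hypothetical, the sample text is constructed from the output on this page, and the code assumes that a value followed by <defaulted> is the default value.

```python
import re

# Constructed sample, abridged from the `show settings` output in Step 5.
SAMPLE = """\
<protected entry>
sig-id: 9000
subsig-id: 0
-----------------------------------------------
alert-severity: medium default: informational
sig-fidelity-rating: 75 <defaulted>
sig-description
-----------------------------------------------
sig-name: Back Door Probe (TCP 12345) <defaulted>
sig-comment: <defaulted>
event-action: produce-alert <defaulted>
--MORE--
"""

FIELD = re.compile(r"^([\w-]+):\s*(.*)$")              # "key: rest of line"
OVERRIDE = re.compile(r"^(.*?)\s*default:\s*(.*)$")    # "value default: x"

def parse_settings(text):
    """Map each "key: value" line to its value, default and override flag."""
    fields = {}
    for raw in text.splitlines():
        m = FIELD.match(raw.strip())
        if not m:  # separators, --MORE--, <protected entry>, section names
            continue
        key, rest = m.group(1), m.group(2).strip()
        o = OVERRIDE.match(rest)
        if rest.endswith("<defaulted>"):
            # Assumption: <defaulted> means the shown value is the default.
            value = rest[: -len("<defaulted>")].strip()
            fields[key] = {"value": value, "default": value, "overridden": False}
        elif o:
            fields[key] = {"value": o.group(1), "default": o.group(2), "overridden": True}
        else:  # identifiers such as sig-id carry no default marker
            fields[key] = {"value": rest, "default": None, "overridden": False}
    return fields

def overridden(text):
    """Return (key, value, default) for settings changed from the default."""
    return [(k, f["value"], f["default"])
            for k, f in parse_settings(text).items() if f["overridden"]]

if __name__ == "__main__":
    for key, value, default in overridden(SAMPLE):
        print(f"{key}: {value} (default {default})")
```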
