Section 6.0: Intrusion Detection System (IDS)

6.1. Intrusion Detection System (IDS)

  1. Configure IDS from the console; log in as root and default password attack.

  2. Use the sysconfig-sensor utility on the sensor to configure IP address, mask, default route, and ACL to allow the 172. network to be able to manage it. By default the ACL allows for network 10. only. See Figure 5-6.

    Figure 5-6. Sensor Initialization Using Sysconfig-Sensor

  3. Use any workstation (AAA/CA server in this case) to browse to the sensor. That is, use IDM (IDS Device Manager) to configure the rest of the parameters. See Figures 5-7a through 5-7d.

    Figure 5-7a. Sensor Setup Using IDM

Get CCIE Security Practice Labs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.