13-4. IDS Sensor Signature List
Cisco IDS signatures are given unique signature ID numbers. The numbers range from 900 to 50000, with each range using a particular inspection engine to detect intrusion activity for a group of protocols or types of applications.
Table 13-1 lists the ranges of signature IDs. Signature IDs 900 to 19999 are assigned by Cisco and are supplied in downloadable databases or in databases embedded in operating system images. IDs 20000 to 50000 are reserved for custom signatures.
| Signature ID | Signature Series | Types of Signature |
|---|---|---|
| 900 to 999 | IDS diagnostics | IDS sensor events |
| 1000 to 1999 | IP | IP options
IP fragmentation Bad IP packets |
| 2000 to 2999 | ICMP | ICMP traffic records
Ping sweeps ICMP ... |
Get Cisco ASA and PIX Firewall Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
