Types of Signatures
All signatures on the Cisco IDS are divided into various categories based on the types of attacks they do pattern matching for. Table 15-4 outlines the various types of signatures available on the Cisco IDS.
| Signature Category | Signature Types |
|---|---|
| 1000 series—IP signatures | IP options
IP fragmentation Bad IP packets |
| 2000 series—ICMP signatures | ICMP traffic records
Ping sweeps ICMP attacks |
| 3000 series—TCP signatures | TCP traffic records
TCP port scans TCP host sweeps Mail attacks FTP attacks Legacy CIDS web attacks (signature IDs 3200 through 3233) NetBIOS attacks SYN flood and TCP hijack attacks TCP applications |
| 4000 series—UDP signatures | UDP traffic records
UDP ... |
Get Network Security Principles and Practices now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
