Creating Signatures on Cisco IDS enabled IOS based Firewalls

From: Cherian M. Palayoor (cpalayoor_at_cwalkergroup.com)
Date: 09/25/03

Next message: Raoul Armfield: "RE: protect MS Windows 95/98/Me"

Previous message: Kent Stairley: "book recommendations"
Next in thread: McGill, Lachlan: "RE: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Maybe reply: McGill, Lachlan: "RE: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Reply: Michaelian Ennis: "Re: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Maybe reply: Smith, Chris: "RE: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 25 Sep 2003 13:25:17 -0700
To: <security-basics@securityfocus.com>

Hi,

Can anyone tell me if it is possible to create signatures using the IDS on a
Cisco IOS based firewall.

If yes, can you direct me to the documenetation on the same.

Regards

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: Raoul Armfield: "RE: protect MS Windows 95/98/Me"

Previous message: Kent Stairley: "book recommendations"
Next in thread: McGill, Lachlan: "RE: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Maybe reply: McGill, Lachlan: "RE: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Reply: Michaelian Ennis: "Re: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Maybe reply: Smith, Chris: "RE: Creating Signatures on Cisco IDS enabled IOS based Firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: IDS, IPS or just rubbish
... then it sounds a lot like an IDS to me. ... I wonder what ISS' new firewall will be called? ... They do not have many signatures. ... world's premier technical IT security event! ...
(Focus-IDS)
Re: [fw-wiz] FW appliance comparison - Seeking input for the forum
... > not have enough signatures to give you the sort of security you need. ... Why would you want a signature based IDS at all? ... Then use a firewall that only passes what is explicitly ... allowed and raises an alarm for everything that isn't. ...
(Firewall-Wizards)
Re: [fw-wiz] FW appliance comparison - Seeking input for the forum
... >>> IDS on the same machine as a firewall? ... >>> not have enough signatures to give you the sort of security you need. ... > I think it should be re-iterated that the D in IDS is 'Detection'. ... understand) the reports. ...
(Firewall-Wizards)
RE: [fw-wiz] Log checking?
... Maybe this is too obvious to mention, but what I watch for in my firewall ... I'm less worried about find things that will be IDS ... signatures next month than I am about finding things that will never be IDS ... higher-cost threats in my view, such as the bad insider, strategic ...
(Firewall-Wizards)
Re: Value of "richer" signatures?
... Snort, Dragon, and NFR, and I can tell you that they ... Here's an example of how the newer IDS signatures help ... Let's say you are using a simple packet grepping IDS ... > an FTP connection). ...
(Focus-IDS)