[ LiB ] |
The practice labs in this section will help sharpen the CLI skills you just learned. Make sure that you try to complete the labs; if you don't have a sensor, just practice on paper. (Remember that during the test, you will not always have an IDS sensor, so practicing on paper can be a good way to learn and remember.)
In this lab, configure the sensor to support the listed requirements. Listing 7.18 displays one possible solution that you can use to cross-check your answer.
The requirements follow:
sensor# config t sensor(config)# service host sensor(config-Host)# networkparams sensor(config-Host-net)# ipaddress 10.1.9.201 sensor(config-Host-net)# netmask 255.255.255.0 sensor(config-Host-net)# defaultGateway 10.1.1.1 sensor(config-Host-net)# no accesslist ip address 10.0.0.0 sensor(config-Host-net)# accesslist ip address 10.1.1.1 netmask 255.255.255.255 sensor(config-Host-net)# show settings networkParams ----------------------------------------------- ipAddress: 10.1.9.201 netmask: 255.255.255.0 default: 255.255.255.0 defaultGateway: 10.1.1.1 hostname: sensor telnetOption: enabled default: disabled accessList (min: 0, max: 512, current: 2) ----------------------------------------------- ipAddress: 10.1.1.1 netmask: 255.255.255.255 default: 255.255.255.255 ----------------------------------------------- ----------------------------------------------- ----------------------------------------------- sensor(config-Host-net)# exit sensor(config-Host)# exit Apply Changes:?[yes]: yes sensor(config)# exit
In this lab, configure the sensor to support the listed requirements. Listing 7.19 displays one possible solution that you can use to cross-check your answer.
The requirements follow:
Sensor# config t sensor(config)# service virtual-sensor-configuration virtualSensor sensor(config-vsc)# reset-signatures SWEEP.HOST.ICMP all Warning: Executing this command will reset all specified signatures back to default. Continue with reset-signatures? [yes]: yes sensor(config-vsc)# reset-signatures ATOMIC.UDP all Warning: Executing this command will reset all specified signatures back to default. Continue with reset-signatures? [yes]: yes sensor(config-vsc)# exit sensor(config)# exit sensor# reset Warning: Executing this command will stop all applications and reboot the node. Continue with reset? : yes Broadcast message from root (Sun Dec 7 14:23:51 2003): A system reboot has been requested. The reboot may not start for 90 seconds. Request Succeeded. sensor#
In this lab, configure the sensor to support the listed requirements. Use Listing 7.20 to cross-check your answer.
The requirements follow:
sensor# config t sensor(config)# service webServer sensor(config-WebServer)# show settings general ----------------------------------------------- enable-tls: true default: true ports: 443 default: 443 server-id: HTTP/1.1 compliant <defaulted> ----------------------------------------------- sensor(config-WebServer)# general sensor(config-WebServer-gen)# port 80 sensor(config-WebServer-gen)# enable-tls false sensor(config-WebServer-gen)# exit sensor(config-WebServer)# show settings general ----------------------------------------------- enable-tls: false default: true ports: 80 default: 443 server-id: HTTP/1.1 compliant <defaulted> ----------------------------------------------- sensor(config-WebServer)# exit Apply Changes:?[yes]: yes Warning: The node must be rebooted for the changes to go into effect. Continue with reboot? [yes]: yes Broadcast message from root (Sun Dec 7 14:40:29 2003): A system reboot has been requested. The reboot may not start for 90 seconds. sensor(config) #
[ LiB ] |