Upgrading Sensors to IDS 4.0

[ LiB ]  

This section explains the basic steps to upgrade a sensor to IDS 4.0. Before you proceed, remember this warning from the previous section: the upgrade process deletes everything on the drive, including your configuration. If you are using IDS MC, however, you can quickly re-import the configuration settings into your new 4.0 IDS system. Follow these steps to upgrade a sensor:

  1. Insert the IDS 4.0 Upgrade/Recovery CD into the CD-ROM drive.

  2. Boot from the CD-ROM. Listing 6.1 displays the screen output.

    Listing 6.1. Sample Bootup Screen
     IDS-4220/4230 customers: Sniffing and Command-and-Control interfaces have been swapped in CIDS 4.0. Reference the 4.0 software documentation before proceeding. IDS-4235/4250 customers: BIOS version "A04" or later is required to run CIDS 4.0 on your appliance. Reference the 4.0 software documentation before proceeding.    - To recover the Cisco IDS 4.0 Application using a      local keyboard/monitor, type: k <ENTER>.      (WARNING: ALL DATA ON DISK 1 WILL BE LOST)    - To recover the Cisco IDS 4.0 Application using a      serial connection, type: s <ENTER>, or just press <ENTER>      (WARNING: ALL DATA ON DISK 1 WILL BE LOST) 

  3. Press k if you are installing from a keyboard and monitor; press s if you are using the console port. The system copies all the files from the CD to the hard drive, which can take several minutes.

  4. Reboot when the system finishes copying the files.

  5. Log in to the IDS using either the console or keyboard and monitor interfaces.

  6. The IDS 4.0 requires that you change the default password on startup and that the password meet specific requirements for length and content. Listing 6.2 displays the basic output of the required change password display, including responses to several attempts to change the password.


    Cisco states simply that the password must be 632 characters . However, as you can see in Listing 6.2, several other checks are made. For example, the text "it is based on a dictionary word" is an undocumented password-check feature that looks up common words used for passwords and prevents you from using them.

    Listing 6.2. Sample Required Change Password Display
    [View full width]
     sensor login: cisco Password: You are required to change your password immediately (password aged) Changing password for cisco (current) UNIX password: New password: BAD PASSWORD: it is too short New password: BAD PASSWORD: it is based on a dictionary word New password: BAD PASSWORD: it does not contain enough DIFFERENT characters New password: BAD PASSWORD: it is too simplistic/systematic Retype new password: ***NOTICE*** This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, graphics/ccc.gif distribute or use encryption. Importers, exporters, distributors and users are responsible graphics/ccc.gif for compliance with U.S. and local country laws. By using this product you agree to comply graphics/ccc.gif with applicable laws and regulations. If you are unable to comply with U.S. and local laws graphics/ccc.gif , return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www graphics/ccc.gif .cisco.com/wwl/export/crypto If you require further assistance please contact us by sending email to export@cisco.com. sensor# 

  7. When your new password is accepted, the sensor# prompt appears. At this point, you are ready to set up the sensor.


For exact upgrade instructions, go to Cisco's Web site and search for upgrade 4.0 documents. We found a good one called "New Features IDS 4-0 15284_02.pdf," so take a look for that document or anything newer .


The default sensor username is cisco and the default password is cisco .

[ LiB ]  

CSIDS Exam Cram 2 (Exam 642-531)
CSIDS Exam Cram 2 (Exam 642-531)
Year: 2004
Pages: 213

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net