Cisco IDS Sensor Initialization

[ LiB ]  

Basic sensor initialization involves a few steps. These steps include the initial setup command to configure the interfaces, hostname, IP address, and default gateways. After accomplishing these tasks , you are ready to create user accounts for the sensor. These steps are discussed in detail in the following subsections of this chapter.

Using the setup Command

Configuring basic sensor settings with the setup command is a simple process. The command issues a series of prompts that take you through the process of configuring the sensor. Here is a list of those prompts:

  • Hostname

  • IP address

  • Netmask

  • Default gateway

  • Telnet server

  • Web server port

Listing 6.3 shows the dialog the setup command uses while you enter the basic configuration settings. The text in bold indicates points where the sensor stops and requests a setting. As you can see, we have entered all the settings needed to complete the setup and save the configuration. Follow the listing slowly and perhaps even execute the command on your sensor to learn the flow of this sequence and to practice entering the settings.

Listing 6.3. Sample setup Command Dialog
 sensor#  setup  --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. User ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Current Configuration: networkParams ipAddress netmask defaultGateway hostname sensor telnetOption enabled accessList ipAddress netmask exit timeParams summerTimeParams active-selection none exit exit service webServer general ports 443 exit exit Current time: Mon Dec  1 12:03:46 2003 Setup Configuration last modified: Mon Dec  1 12:01:11 2003 Continue with configuration dialog?[yes]:  yes  Enter host name[sensor]:  sensor1  Enter IP address[]:  Enter netmask[]:  Enter default gateway[]:  Enter telnet-server status[enabled]:  enabled  Enter web-server port[443]:  443  Modify current access list?[no]:  no  Modify system clock settings?[no]:  no  The following configuration was entered. networkParams ipAddress defaultGateway hostname sensor1 telnetOption enabled accessList ipAddress netmask exit timeParams summerTimeParams active-selection none exit exit service webServer general ports 443 exit exit [0] Go to the command prompt without saving this config. [1] Return back to the setup without saving this config. [2] Save this configuration and exit setup. Enter your selection[2]:  2  Configuration Saved. 

Notice that the setup command first outputs the current configuration before you start entering the first value; this point occurs at the code line Continue with configuration dialog?[yes]: yes .

User Accounts

The IDS 4.0 supports several types of user accounts as explained in Chapter 5, "Cisco IDS Architecture and Communications Protocols." Once you finish the setup command, you are ready to create user accounts. For example, to create an administrator account, just use the username command at the sensor(config)# prompt.

In Listing 6.4, a user called danny is created as an administrator on the sensor. This code example also uses the show users all command to display all the accounts currently configured. Once you finish these steps, your sensor is ready for action.

Listing 6.4. Sample Administrator Account Creation
 sensor#  config terminal  sensor(config)#  username danny password 13579@$^*) privilege administrator  sensor(config)#  exit  sensor#  show user all  CLI ID   User    Privilege *   1292     cisco   administrator              danny   administrator 

[ LiB ]  

CSIDS Exam Cram 2 (Exam 642-531)
CSIDS Exam Cram 2 (Exam 642-531)
Year: 2004
Pages: 213 © 2008-2017.
If you may any questions please contact us: