I ran IOS IPS on dynamips, and I was using this image:
(C3725-ADVENTERPRISEK9-M), Version 12.4(15)T5
This link has the signatures:
https://rapid4me.com/download.php?f=6...S-S313-CLI.pkg
And these are the steps from Cisco:
https://www.cisco.com/en/US/prod/col...d805c4ea8.html
And these are my results in dynamips:
Router#copy flash:IOS-S313-CLI.pkg idconf
*Mar 1 00:19:01.323: %SYS-5-CONFIG_I: Configured from console by console
*Mar 1 00:19:20.807: %IPS-6-ENGINE_BUILDS_STARTED: 00:19:20 UTC Mar 1 2002
*Mar 1 00:19:20.807: %IPS-6-ENGINE_BUILDING: multi-string - 8 signatures - 1 of 13 engines
*Mar 1 00:19:20.827: %IPS-6-ENGINE_READY: multi-string - build time 20 ms - packets for this engine will be scanned
*Mar 1 00:19:20.839: %IPS-6-ENGINE_BUILDING: service-http - 622 signatures - 2 of 13 engines
*Mar 1 00:19:25.747: %IPS-6-ENGINE_READY: service-http - build time 4908 ms - packets for this engine will be scanned
*Mar 1 00:19:25.759: %IPS-6-ENGINE_BUILDING: string-tcp - 961 signatures - 3 of 13 engines
Router#
*Mar 1 00:19:44.367: %IPS-6-ENGINE_READY: string-tcp - build time 18608 ms - packets for this engine will be scanned
*Mar 1 00:19:44.383: %IPS-6-ENGINE_BUILDING: string-udp - 75 signatures - 4 of 13 engines
*Mar 1 00:19:44.771: %IPS-6-ENGINE_READY: string-udp - build time 388 ms - packets for this engine will be scanned
*Mar 1 00:19:44.771: %IPS-6-ENGINE_BUILDING: state - 28 signatures - 5 of 13 engines
*Mar 1 00:19:44.819: %IPS-6-ENGINE_READY: state - build time 48 ms - packets for this engine will be scanned
*Mar 1 00:19:44.851: %IPS-6-ENGINE_BUILDING: atomic-ip - 275 signatures - 6 of 13 engines
*Mar 1 00:19:45.475: %IPS-6-ENGINE_READY: atomic-ip - build time 624 ms - packets for this engine will be scanned
*Mar 1 00:19:45.495: %IPS-6-ENGINE_BUILDING: string-icmp - 3 signatures - 7 of 13 engines
*Mar 1 00:19:45.539: %IPS-6-ENGINE_READY: string-icmp - build time 44 ms - packets for this engine will be scanned
*Mar 1 00:19:45.539: %IPS-6-ENGINE_BUILDING: service-ftp - 3 signatures - 8 of 13 engines
Router#
Router#show ip ips signature count
Cisco SDF release version S313.0
Trend SDF release version V0.0
Signature Micro-Engine: multi-string: Total Signatures 8
multi-string enabled signatures: 8
multi-string retired signatures: 8
Signature Micro-Engine: service-http: Total Signatures 622
service-http enabled signatures: 125
service-http retired signatures: 525
service-http compiled signatures: 97
service-http obsoleted signatures: 1
Signature Micro-Engine: string-tcp: Total Signatures 961
string-tcp enabled signatures: 457
string-tcp retired signatures: 844
string-tcp compiled signatures: 117
string-tcp obsoleted signatures: 9
Signature Micro-Engine: string-udp: Total Signatures 75
string-udp enabled signatures: 2
string-udp retired signatures: 54
string-udp compiled signatures: 21
string-udp obsoleted signatures: 1
Signature Micro-Engine: state: Total Signatures 28
state enabled signatures: 15
state retired signatures: 25
state compiled signatures: 3
-----------------------------------------------------
Router(config)#ip ips signature-definition
Router(config-sigdef)#signature ?
<1-65535> Signature ID value
Router(config-sigdef)#signature 2000
Router(config-sigdef-sig)#?
Category Options for configuration:
alert-severity Alarm Severity Rating
engine Engine
exit Exit from Category Actions Mode
fidelity-rating Signature Fidelity Rating
no Negate or set default values of a command
status Status
Router(config-sigdef-sig)#engine
Router(config-sigdef-sig-engine)#?
Engine options for signatures:
event-action Action
exit Exit from engine submode
no Negate or set default values of a command
Router(config-sigdef-sig-engine)#event-action ?
deny-attacker-inline Deny Attacker
deny-connection-inline Deny Connection
deny-packet-inline Deny Packet
produce-alert Produce Alert
reset-tcp-connection Reset TCP Connection
<cr>
Router(config-sigdef-sig-engine)#event-action produce-alert
------------------------------------------
ip ips signature-category
category all
retired true
category ios_ips basic
retired false
!
crypto key pubkey-chain rsa
named-key realm-cisco.pub signature
key-string
30820122 300D0609 2A864886 F70D0101 01050003 82010F00 3082010A 02820101
00C19E93 A8AF124A D6CC7A24 5097A975 206BE3A2 06FBA13F 6F12CB5B 4E441F16
17E630D5 C02AC252 912BE27F 37FDD9C8 11FC7AF7 DCDD81D9 43CDABC3 6007D128
B199ABCB D34ED0F9 085FADC1 359C189E F30AF10A C0EFB624 7E0764BF 3E53053E
5B2146A9 D7A5EDE3 0298AF03 DED7A5B8 9479039D 20F30663 9AC64B93 C0112A35
FE3F0C87 89BCB7BB 994AE74C FA9E481D F65875D6 85EAF974 6D9CC8E3 F0B08B85
50437722 FFBE85B9 5E4189FF CC189CB9 69C46F9C A84DFBA5 7A0AF99E AD768C36
006CF498 079F88F8 A3B3FB1F 9FB7B3CB 5539E1D1 9693CCBB 551F78D2 892356AE
2F56D826 8918EF3C 80CA4F4D 87BFCA3B BFF668E9 689782A5 CF31CB6E B4B094D3
F3020301 0001
quit
!
!
interface FastEthernet0/0
ip address 192.168.1.20 255.255.255.0
ip ips test out