B-13
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2
OL-29168-01
Appendix B Signature Engines
AIC Engine
Table B-6 lists the parameters that are specific to the AIC FTP engine.
For More Information
•
For the procedures for configuring AIC engine signatures, see Configuring AIC Signatures,
page 7-17.
•
For an example of a custom AIC signature, see Creating an AIC Signature, page 7-26.
request-methods Specifies an AIC signature that
allows actions to be associated with
HTTP request methods:
•
define-request-method—Specifie
s get, put, and so forth.
•
recognized-request-methods—Li
sts methods recognized by the
sensor.
—
transfer-encodings Specifies an AIC signature that
deals with transfer encodings:
•
define-transfer-encoding—Assoc
iates an action with each
method, such as compress,
chunked, and so forth.
•
recognized-transfer-encodings—
Lists methods recognized by
the sensor.
•
chunked-transfer-encoding—Err
or specifies actions to be taken
when a chunked encoding error
is seen.
—
Table B-5 AIC HTTP Engine Parameters (continued)
Parameter Description
Table B-6 AIC FTP Engine Parameters
Parameter Description Value
signature-type Specifies the type of
AIC signature.
•
ftp-commands
•
unrecognized-ftp-command
•
ftp-commands Associates an action
with an FTP command:
•
ftp-command—Lets
you choose the FTP
command you want
to inspect.
•
help, noop, stat, syst, user, abort,
acct, allo, appe, cdup, cwd, dele, list,
mkd, mode, nlst, pass, pasv, port,
pass, quit, rein, rest, retr, rmd, rnfr,
rnto, site, smnt, stor, stou, stru, type
unrecognized-ftp-command Inspects unrecognized
FTP commands.
—