Cisco Systems IPS 7.1 Home Security System User Manual


Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 4 Setting Up the Sensor
Configuring Authentication and User Parameters
sensor(config-aut)#
Step 5 Restrict all users from executing packet capture/display and IP log commands.
sensor(config-aut)# permit-packet-logging false
Step 6 Check your new setting.
sensor(config-aut)# show settings
attemptLimit: 0 <defaulted>
password-strength
-----------------------------------------------
size: 8-64 <defaulted>
digits-min: 0 <defaulted>
uppercase-min: 0 <defaulted>
lowercase-min: 0 <defaulted>
other-min: 0 <defaulted>
number-old-passwords: 0 <defaulted>
-----------------------------------------------
permit-packet-logging: false default: true
cli-inactivity-timeout: 0 <defaulted>
sensor(config-aut)#
Step 7 Exit authentication mode.
sensor(config-aut)# exit
Apply Changes:?[yes]:
Step 8 Press Enter to apply the changes or enter no to discard them.
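An added example, not part of the Cisco guide: a Python script that parses show settings output of the kind shown in Step 6, confirms that the Step 5 change took effect, and lists every setting still marked <defaulted> so it can be reviewed. The function names and the embedded sample are constructed for illustration, and the parser assumes only the line shapes visible in the output above.

```python
import re
# Constructed sample: the "show settings" output from Step 6 on this page.
SAMPLE = """\
attemptLimit: 0 <defaulted>
password-strength
-----------------------------------------------
size: 8-64 <defaulted>
digits-min: 0 <defaulted>
uppercase-min: 0 <defaulted>
lowercase-min: 0 <defaulted>
other-min: 0 <defaulted>
number-old-passwords: 0 <defaulted>
-----------------------------------------------
permit-packet-logging: false default: true
cli-inactivity-timeout: 0 <defaulted>
"""
# "name: value", optionally followed by "<defaulted>" or "default: X".
LINE = re.compile(r"^([\w-]+):\s*(\S+)\s*(?:<(defaulted)>|default:\s*(\S+))?\s*$")

def parse_settings(text):
    """Return {name: {"value", "defaulted", "default"}}; nested keys are dotted."""
    settings, pending, section = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("sensor("):
            continue  # skip blank lines and CLI prompts
        if set(line) == {"-"}:
            # A rule after a bare name opens that section; the next rule closes it.
            section, pending = pending, None
            continue
        m = LINE.match(line)
        if not m:
            pending = line  # bare name such as "password-strength"
            continue
        name, value, defaulted, default = m.groups()
        key = f"{section}.{name}" if section else name
        settings[key] = {"value": value, "defaulted": bool(defaulted), "default": default}
    return settings

def audit(settings):
    """Report a missing Step 5 change first, then settings left at defaults."""
    findings = []
    ppl = settings.get("permit-packet-logging")
    if ppl is None or ppl["value"] != "false":
        findings.append("permit-packet-logging is not false (Step 5 not applied)")
    for key, s in sorted(settings.items()):
        if s["defaulted"]:
            findings.append(f"{key} left at default ({s['value']}): review")
    return findings
```

Calling audit(parse_settings(SAMPLE)) on the output above returns only the defaulted settings, because permit-packet-logging is already false.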
Creating the Service Account
You can create a service account for TAC to use during troubleshooting. Although more than one user
can have access to the sensor, only one user can have service privileges on a sensor. The service account
is for support purposes only.
The root user password is synchronized to the service account password when the service account is
created. To gain root access you must log in with the service account and switch to user root with the
su - root command.
Caution: Do not make modifications to the sensor through the service account except under the direction of TAC.
If you use the service account to configure the sensor, your configuration is not supported by TAC.
Adding services to the operating system through the service account affects proper performance and
functioning of the other IPS services. TAC does not support a sensor on which additional services have
been added.
Caution: You should carefully consider whether you want to create a service account. The service account
provides shell access to the system, which makes the system vulnerable. However, you can use the
service account to create a password if the administrator password is lost. Analyze your situation to
decide whether you want a service account to exist on the system.