8-14
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 8 Defining Signatures
Configuring Signatures
Configuring the Vulnerable OSes for a Signature
Use the vulnerable-os command in signature definition submode to configure the list of vulnerable OSes
for a signature. The following options apply:
• general-os—Specifies all OS types
• ios—Specifies the variants of Cisco IOS
• mac-os—Specifies the variants of Macintosh OS
• netware—Specifies Netware
• other—Specifies any other OS
• unix—Specifies the variants of UNIX
• aix—Specifies the variants of AIX
• bsd—Specifies the variants of BSD
• hp-ux—Specifies the variants of HP-UX
• irix—Specifies the variants of IRIX
• linux—Specifies the variants of Linux
• solaris—Specifies the variants of Solaris
• windows—Specifies the variants of Microsoft Windows
• windows-nt-2k-xp—Specifies the variants of Microsoft NT, 2000, and XP
• win-nt—Specifies the specific variants of Windows NT
Configuring Vulnerable OSes
To configure the vulnerable OSes for a signature, follow these steps:
Step 1 Log in to the CLI using an account with administrator or operator privileges.
Step 2 Enter signature definition submode.
sensor# configure terminal
sensor(config)# service signature-definition sig1
Step 3 Specify the signature you want to configure.
sensor(config-sig)# signatures 6000 0
Step 4 Specify the vulnerable OSes for this signature.
sensor(config-sig-sig)# vulnerable-os linux|aix
Step 5 Verify the settings.
sensor(config-sig-sig)# show settings
sig-id: 60000
subsig-id: 0
-----------------------------------------------
alert-severity: medium <defaulted>
sig-fidelity-rating: 75 <defaulted>
promisc-delta: 0 <defaulted>
sig-description
-----------------------------------------------
sig-name: My Sig <defaulted>
sig-string-info: My Sig Info <defaulted>
sig-comment: Sig Comment <defaulted>