Cisco Systems IPS 7.1 Home Security System User Manual


  Open as PDF
of 1042
 
8-54
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 8 Defining Signatures
Creating Custom Signatures
sensor(config-sig-sig-str-no-yes)# max-match-offset 30
Step 16 Specify a minimum match offset for this signature.
sensor(config-sig-sig-str-no-yes)# exit
sensor(config-sig-sig-str-no)# specify-min-match-offset yes
sensor(config-sig-sig-str-no-yes)# min-match-offset 20
Step 17 Verify the settings.
sensor(config-sig-sig-str-no-yes)# exit
sensor(config-sig-sig-str-no)# exit
sensor(config-sig-sig-str)# show settings
string-xl-tcp
-----------------------------------------------
event-action: produce-alert <defaulted>
strip-telnet-options: false <defaulted>
direction: to-service default: to-service
service-ports: 80
specify-max-stream-length
-----------------------------------------------
no
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
specify-raw-regex-string
-----------------------------------------------
no
-----------------------------------------------
regex-string: tcpstring
dot-all: false <defaulted>
end-optional: false <defaulted>
no-case: false <defaulted>
stingy: false <defaulted>
utf8: false <defaulted>
specify-min-match-length
-----------------------------------------------
no
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
swap-attacker-victim: false <defaulted>
specify-exact-match-offset
-----------------------------------------------
no
-----------------------------------------------
specify-max-match-offset
-----------------------------------------------
yes
-----------------------------------------------
max-match-offset: 30
-----------------------------------------------
-----------------------------------------------
specify-min-match-offset
-----------------------------------------------
yes
-----------------------------------------------
min-match-offset: 20
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
-----------------------------------------------
 previous next