IDSM-2 Password and config guide

Unanswered Question
Jul 30th, 2007
User Badges:

Hello, i need some help here about IDS, i'm so noob about IDS.


Like another ppl's case before, i also can't access the IDS module. It's likely that someone changed the password before and i'm the new guy in this company. And it's never activated in 6500 switch before. As i see there's no configuration in show run | inc intrusion-detection.


I think about reimage cause i have no idea what is the login of root and service in IDS as i read in documentation.


I can only access login with user : guest and pass : cisco. After i reset the cf:1 and it goes to maintenance image version 2.1(2).


When i show module in 6500 switch, it shows :

Mod Ports Card Type Model Serial No.

--- ----- -------------------------------------- ------------------ -----------

4 8 Intrusion Detection System (MP) WS-SVC-IDSM-2 SAD104400HR


Mod MAC addresses Hw Fw Sw Status

--- ---------------------------------- ------ ------------ ------------ -------

4 0019.0628.0602 to 0019.0628.0609 6.2 7.2(1) 2.1(2)m Ok


Mod Sub-Module Model Serial Hw Status

--- --------------------------- ------------------ ------------ ------- -------

4 IDS 2 accelerator board WS-SVC-IDSUPG ADBG63900378 2.5 Ok


Mod Online Diag Status

--- -------------------

4 Pass



and when i show version and image in the IDS as "guest", it shows :


[email protected]#show version


Maintenance image version: 2.1(2)

mp.2-1-2.bin : Thu Nov 18 11:41:36 PST 2004 : [email protected]


Line Card Number :WS-SVC-IDSM2-XL

Number of Pentium-class Processors : 2

BIOS Vendor: Phoenix Technologies Ltd.

BIOS Version: 4.0-Rel 6.0.9

Total available memory: 2012 MB

Size of compact flash: 122 MB

Size of hard disk: 38154 MB

Daughter Card Info: Falcon rev 3, FW ver 2.1.3.1 (IDS), SRAM 8 MB, SDRAM 256 MB


[email protected]#show images

Device name Partition# Image name

----------- ---------- ----------

Hard disk(hdd) 1 5.0(2)


For the show config above, what image should i get to reimage this IDS? And could you give me the link? And give me the link the link of config guide to this stuff. And for one thing, i just found 1 IDSM-2 module in 6500 and no IDSM-1 as i know as sensor. Could i use IDSM-2 standalone to detect malicious traffic and packet?


Thanks before and sorry for being so noob and asking too much ^.^


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Charles_Chi4 Sun, 08/05/2007 - 20:34
User Badges:

Hi Yusuff,


Could i set the IDSM-2's log into syslog application like kiwi?

Actions

This Discussion