Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Reset Trojan Sigs to default

When I first began to tune the sensor, I went in with the IDM and turned on most of the older trojan definitions just to see if anything was hiding in the network. I have not had any hits on those sigs for a couple of weeks and I would like to set all the trojan sigs back to default (ie back to retired) in one stroke via the CLI. I am running version 5 of the IDS software. Is there an easy way to do this? Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Reset Trojan Sigs to default

There is no single command that can reset all trojan signatures to their default values. Your best option is to re-apply the lastest service pack (not latest signature udpate) to the Sensor. This will reset most of the signatures to their default values.

3 REPLIES
Silver

Re: Reset Trojan Sigs to default

There is no single command that can reset all trojan signatures to their default values. Your best option is to re-apply the lastest service pack (not latest signature udpate) to the Sensor. This will reset most of the signatures to their default values.

Community Member

Re: Reset Trojan Sigs to default

Ok, thanks for your help.

Gold

Re: Reset Trojan Sigs to default

It's pretty easy using the IDM, but I don't think you can do it using the CLI without knowing the sig numbers. FWIW, I don't think a service pack is going to do it either.

153
Views
0
Helpful
3
Replies
CreatePlease to create content