Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

how to auto download cisco IDS signature to a ftp server?

CISCO IDS signature update is truly frustrating. I understand that you can not pull the signature from Cisco site automatically to sensor. But how about can you automatically download it to your ftp server at least? If yes, any one has some script to automate the process?

Thanks.

3 REPLIES

Re: how to auto download cisco IDS signature to a ftp server?

Hi,

just an idea how it could work on a Windows PC/Server:

Use some automatic FTP downloader to download the update package from CCO.

Example: You can use SpeedBit DAP (http://www.speedbit.com/DAP7/FAQ.asp?V=7.0.1.0#1) which enables you to configure scheduled download each day and set your user and password for CCO access in the downloader. Configure this download with the next update package URL (http://ftp.cisco.com/cisco/crypto/3DES/ciscosecure/ids/4.x/IDS-sig-4.1-3-S79.rpm.pkg) and let the DAP to try download this file every midnight, e.g., to c:\downloads\ids directory (some other sw might enable to download every hour).

Start some FTP server on your PC which works with IDS AutoUpdate feature

(I'm using 3Com 3CDaemon) and configure proper user ID, password and directory (c:\dowloads\ids) as configured on IDS.

(One note: I had to configure c:\downloads on my FTP server as user directory and //ids on the IDS to work OK.)

Let IDS to AutoUpdate every hour.

So the downloader should download the next package at the night it appears on CCO and the AutoUpdate should apply it to IDS sensor.

The final problem remaining is you have to configure complete URL for the update file. The CCO directory doesn't allow LIST command. You can configure several next files to your downloader (S79 - S85, e.g.) as a workaround and check once a week if the last one has already passed.

But generally this aproach is complicated and I'd chech every day if there is not a new IDS update anyway.

Regards,

Milan

New Member

Re: how to auto download cisco IDS signature to a ftp server?

For Cisco:

It would be nice to see CWVMS have the native ability to check for, and download, new IDS signatures as they become available. The decision to deploy the new signature automatically or manually would be up to the administrator. This is a feature of our centralized anti-virus and OS patch management servers that saves us time.

New Member

Re: how to auto download cisco IDS signature to a ftp server?

I have the same problem...have you fixed it?

Thanks.

149
Views
0
Helpful
3
Replies
CreatePlease login to create content