09-05-2003 01:59 PM - edited 03-09-2019 04:41 AM
Hi, I have applied S51 signature update IDS-sig-3.1-4-S51.bin (automatically) with idsupdate/idsapply. The log shows that it is update successfully. The version also shows S51.
packetd.conf shows:
#
# Merge Done By IDSk9-sp-3.1-4-S50.bin
#
SigOfGeneral 5380 0 4 4 4 4 # phpBB SQL injection
SigOfGeneral 5381 0 4 4 4 4 # VPASP SQL injection
SigOfGeneral 5382 0 4 4 4 4 # Xpressions SQL Admin Bypass
SigOfGeneral 5385 0 4 4 4 4 # CiscoWorks User Priviledge Modification
SigOfGeneral 5386 0 5 5 5 5 # CiscoWorks Command Exec
#
# Merge Done By ids-postpatch
#
However I cannot find the new signatures 3125, 3125,5389 in the config files, or using the unix IDS director GUI. I did find it using .SigWizMenu. Any idea why? Just want to confirm that the new signatures are active, and can be tunned if necessary via SigUser. Thanks.
Solved! Go to Solution.
09-08-2003 03:23 PM
There is a bug in our signature update. The packetd.conf file was not updated correctly.
We are fixing the problem and will send out the fix in S52.
09-08-2003 07:34 AM
The S51 update for the Unix director is a separate download. Did you install it as well?
09-08-2003 03:23 PM
There is a bug in our signature update. The packetd.conf file was not updated correctly.
We are fixing the problem and will send out the fix in S52.
09-09-2003 03:43 AM
We have applied the S51 update to the Unix director successfully. We will apply the S52 update when available. Thank you both for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide