I just received the update in regards to 3.1(2)S26 update for the IDS.
The update for the IDS sensor was smooth and installed with no problems. I then proceeded to update the CSPM signature file on the NT Server. Everything seemed fine with the install and gave no notification of any errors. I then went into the Signatures menu to enable the new signatures however they were not listed! I checked the pulldown that enables the filtering for only signatures by version, the 3.1(2)S26 option was available yet no new signatures are present.
I then went into the new sig.data file with wordpad and noticed something odd. The new signature numbers are listed in the appropriate category however the signature entries for all the new signatures were not even present in the file
Here is the code which links the individual signatures to the proper version :
version
{
Name = "3.1(2)S26"
Parent = "3.1(2)S25"
Signatures = 3707, 3714, 5275, 5276, 5277, 5278, 9015, 9016,
9017, 9018, 9019, 9020
}
The "Signatures" line contains all the new signatures for the update. That is good however try searching for the new signatures themselves, they are not in the file.
For example : there are 6 new backdoor signatures in this update however, the last backdoor signature in the sig.data file is 9014 and ends there.
Hope this helps to remedy the problem with the update. Thanks again Cisco for the continued support and updates on this product.