Hello Kenny,

Make sure the logging system is on:
---- Logging to sys-log server-------
Logging on
Logging host Inside xxx.xxx.xxx.xxx

You cannot upgrade the PIX Firewall signatures. The PIX only monitors for 59 
signatures. Need more signatures? Then go to an IDS. An IDS can monitor up to 300 
or more signatures.

The Cisco PIX Device Manager is no more than a GUI configuration tool.

Best Regards,
HATO




>From: "Kenny Smith" 
>Reply-To: "Kenny Smith" 
>To: [EMAIL PROTECTED]
>Subject: Why PIX's IDS can't detect a port scan? [7:59052]
>Date: Thu, 12 Dec 2002 08:44:10 GMT
>
>Hi. I implemented IDS on both the outside and inside interfaces of my PIX
>firewall, but when I do a port scan on my PIX firewall's inside interface IP,
>I can't see any IDS alarm in my PIX log. Why? Below is the IDS config on my PIX
>inside interface.
>
>ip audit name inside-attack attack action alarm
>ip audit name inside-info info action alarm
>
>ip audit interface inside inside-info
>ip audit interface inside inside-attack
>
>nameif ethernet0 outside security0
>nameif ethernet1 inside security100
>
>************************************************************************
>
>Q2) By the way, how do I add a new IDS signature to our PIX config? Upgrade
>the PIX Device Manager?
>
>
>




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59057&t=59052
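
An added example, not part of the original messages: a Python check over a saved PIX configuration for the points raised in this thread, namely that `logging on` and a `logging host` are present and that every `ip audit interface` line refers to a defined policy with an alarm action. The function name, the sample text and the case-insensitive matching are assumptions made for the example.

```python
# Constructed sample: the commands quoted in the thread (no logging lines were posted).
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
ip audit name inside-attack attack action alarm
ip audit name inside-info info action alarm
ip audit interface inside inside-info
ip audit interface inside inside-attack
"""

def audit_findings(config):
    """List reasons why 'ip audit' alarms might never show up on a syslog server."""
    logging_on, log_hosts = False, []
    interfaces, policies, bindings = [], {}, []
    for line in config.splitlines():
        w = line.lower().split()  # case-insensitive matching is an assumption
        if w == ["logging", "on"]:
            logging_on = True
        elif w[:2] == ["logging", "host"] and len(w) >= 4:
            log_hosts.append(w[3])
        elif w[:1] == ["nameif"] and len(w) >= 3:
            interfaces.append(w[2])
        elif w[:3] == ["ip", "audit", "name"] and len(w) >= 5:
            # An explicit action list follows the keyword "action"; None = not stated.
            actions = set(w[6:]) if w[5:6] == ["action"] else None
            policies[w[3]] = actions
        elif w[:3] == ["ip", "audit", "interface"] and len(w) >= 5:
            bindings.append((w[3], w[4]))
    findings = []
    if not logging_on:
        findings.append("'logging on' is missing")
    if not log_hosts:
        findings.append("no 'logging host' is configured")
    for ifname, policy in bindings:
        if policy not in policies:
            findings.append(f"{ifname}: policy '{policy}' is applied but not defined")
        elif policies[policy] is not None and "alarm" not in policies[policy]:
            findings.append(f"{ifname}: policy '{policy}' has no alarm action")
    bound = {ifname for ifname, _ in bindings}
    for ifname in interfaces:
        if ifname not in bound:
            findings.append(f"{ifname}: no audit policy applied")
    return findings

if __name__ == "__main__":
    for finding in audit_findings(SAMPLE_CONFIG):
        print(finding)
```

A policy line without an explicit `action` keyword is not judged, since the effective action is then not stated on that line.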