Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Initializing the IOS Firewall IDS

Initializing the IOS Firewall IDS

Sep 15,2009 by alperen

small font medium font large font
image

Only two commands initialize Cisco IOS Firewall IDS on a router. This section introduces the purpose, syntax, and examples of each.

The ip audit smtp spam Command

Use the global configuration mode command ip audit smtp spam to set the threshold beyond which you suspect e-mail messages contain spam. Use the no version of this command to set the number of recipients to the default setting. The syntax is

Rtr1(config)#ip audit smtp spam recipients
Rtr1(config)# no ip audit smtp spam

recipients

Integer (1–65535) that designates the maximum number of recipients in a mail message before a spam attack is suspected. The default is 250.

This command was introduced in IOS 12.0(5)T. The default is 250.

The following example changes the maximum number of e-mail recipients to 70:

Rtr1(config)#ip audit smtp spam 70

The ip audit po max-events Command

Use the global configuration mode command ip audit po max-events to specify the maximum number of event notifications placed in the router’s event queue. Additional events are dropped from the queue for sending to the CiscoSecure IDS Director. This command can be used regardless of whether the Cisco Secure IDS Director is used. Use the no version of this command to return the number to the default setting. The syntax is

Rtr1(config)#ip audit po max-events number_events
Rtr1(config)#no ip audit po max-events

number-of-events

Integer (1–65535) that designates the maximum number of events allowed in the router event queue. Increasing this number could impact memory and performance—each event in the queue requires 32KB of memory.

This command was introduced in IOS 12.0(5)T. The default is 100.

The following example changes the maximum number of events queued to 50.

Rtr1(config)#ip audit po max-events 50


209 times read

Related news
» The show ip audit configuration Command
by alperen posted on Sep 16,2009
» The show ip audit all Command
by alperen posted on Sep 16,2009
» IOS Firewall—Intrusion Detection System Questions-Answers
by alperen posted on Sep 16,2009
» The ip audit po local Command
by alperen posted on Sep 15,2009
» Configuring IOS-Based IDS Signatures
by admin posted on Nov 26,2008
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.