Solutions Fast Track
Identifying the Sensor
4210 is a distinct RU.
4210 ports are on top of anniversary other. The sniffing port, /dev/prb0, is amid on the bottom. The ascendancy anchorage prb1 can be begin on top.
The 4220 and 4230 accept amplification slots. The ascendancy anchorage is congenital in, while the sniffing ports absorb one of the slots (which aperture depends on the arrangement used).
The Ethernet sniffing anchorage /dev/spwr0 occupies aperture 5.
For badge ring, use /dev/mtok36. The agenda occupies aperture 6.
An FDDI arrangement utilizes /dev/ptpci, which occupies aperture 4.
Initializing the Sensor
You charge be basis to initialize the sensor.
Execute the command sysconfig-sensor and complete options 1–6 to get the sensor online.
The host IDs charge be different for anniversary accessory in the IDS infrastructure.
The alignment name and ID should be the aforementioned for all accessories in a distinct infrastructure.
Using the Sensor Command-Line Interface
When troubleshooting the sensor, advance idsconns to analysis connectivity with the administration device.
idsstatus will acquaint you what casework are up.
cidServer adaptation will acquaint you what versions of the daemons are actuality used.
idsstart and idsstop do aloof what they say.
idsvers verifies the adaptation of sensor software.
Don't balloon to be logged in as netrangr to use these commands!
Configuring the SPAN Interface
Configure SPAN ports or VSPAN for either Egress, Ingress, or both.
Egress is the SPAN anchorage (or VSPAN) accepting and artful to the destination port.
Ingress is the SPAN anchorage (or VSPAN) transmitting and artful to the destination port.
Both copies address and accept cartage to the destination port.
The destination anchorage is area the sensor resides.
Recovering the Sensor's Password
Don't alike attack to balance the sensor's countersign unless you accept a Solaris for Intel CD-ROM, Solaris Accessory Configuration Assistant deejay (boot disk).
You charge animate admission to the workstation for countersign recovery.
The Solaris Accessory Configuration Assistant cossack deejay can be downloaded from Sun, not from Cisco.
You will be alteration the adumbration book in the OS that contains accounts and passwords. If you are not accustomed or adequate with the process, acquisition a Unix being and accept them do it for you.
Reinitializing the Sensor
Use the accompanying Upgrade/Recovery CD to reinitialize the sensor.
If you accept the angel downloaded from Cisco.com, use that to save a minute or two.
Once you reinitialize the sensor, aggregate is overwritten, including passwords. You are starting from scratch.
Don't balloon to certificate your settings afore activity this route.
Upgrading a Sensor from 3.1 to 4.0
To advancement sensor models IDS-4220-E or IDS-4230-FE, bandy the cables for the sniffing interface as able-bodied as for the command and ascendancy interface.
Before you can advancement a sensor archetypal IDS-4235 or IDS-4250, you accept to advancement the BIOS in adjustment to install adaptation 4.0.
The absence username and countersign to log in to the CLI for adaptation 4.0 are both cisco.
The command to initially configure the sensor is setup.