NUBSolutions

Just another WordPress.com weblog

Setting Up IDS on a Cisco PIX Firewall

Posted by nubsolutions on June 26, 2009

To enable IDS on a PIX firewall, add the following commands:

logging on
logging timestamp
logging trap errors

logging host inside 192.168.x.x

ip audit info action alarm
ip audit attack action alarm

ip audit name idsinfo info action alarm
ip audit name idsattack attack action alarm drop reset

ip audit interface outside idsinfo
ip audit interface inside idsinfo

ip audit interface outside idsattack
ip audit interface inside idsattack

To remove the IDS function you must use PDM, because there is no way to remove it from the console. To read the logs, a log server must be provided; one that is commonly used is Kiwi Syslog Server.
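The following Python example is added here and is not from the original post. It parses the IDS alarms that arrive at the syslog server, assuming Cisco's documented message form `%PIX-4-4000nn: IDS:sig_num sig_msg from IP_address to IP_address on interface interface_name` (severity 4, warnings), and checks which `logging trap` keywords forward messages of that severity; the function names and sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Severity keywords accepted by "logging trap", mapped to syslog levels.
LEVELS = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
          "warnings": 4, "notifications": 5, "informational": 6, "debugging": 7}

# Assumed shape: %PIX-4-4000nn: IDS:sig_num sig_msg from IP to IP on interface name
IDS_RE = re.compile(
    r"%PIX-(?P<sev>\d)-(?P<msgid>4000\d\d): IDS:(?P<sig>\d+) (?P<desc>.+?) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) to (?P<dst>\d{1,3}(?:\.\d{1,3}){3}) "
    r"on interface (?P<ifname>\S+)")

def parse_ids(line):
    """Return a dict for a PIX IDS alarm line, or None for any other message."""
    m = IDS_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["sev"] = int(rec["sev"])
    rec["sig"] = int(rec["sig"])
    return rec

def sent_to_host(severity, trap_keyword):
    """True if a message of this severity passes 'logging trap <keyword>'."""
    return severity <= LEVELS[trap_keyword]

def top_sources(lines, n=3):
    """Count IDS alarms per (source IP, signature) pair, most frequent first."""
    hits = Counter()
    for line in lines:
        rec = parse_ids(line)
        if rec:
            hits[(rec["src"], rec["sig"])] += 1
    return hits.most_common(n)

# Constructed sample lines (documentation-range addresses), not real captures.
SAMPLE = [
    "Jun 26 2009 10:01:02: %PIX-4-400013: IDS:2003 ICMP redirect from 203.0.113.7 to 192.0.2.10 on interface outside",
    "Jun 26 2009 10:01:05: %PIX-4-400013: IDS:2003 ICMP redirect from 203.0.113.7 to 192.0.2.11 on interface outside",
    "Jun 26 2009 10:02:10: %PIX-4-400010: IDS:2000 ICMP echo reply from 198.51.100.4 to 192.0.2.10 on interface outside",
    "Jun 26 2009 10:03:00: %PIX-3-305005: No translation group found for tcp src inside:192.168.1.5/1025 dst outside:192.0.2.99/80",
]

if __name__ == "__main__":
    for (src, sig), count in top_sources(SAMPLE):
        print(f"{src} signature {sig}: {count} alarm(s)")
    for keyword in ("errors", "warnings"):
        print(f"severity 4 forwarded at '{keyword}':", sent_to_host(4, keyword))
```

If the log server shows no `IDS:` lines after the configuration is applied, compare the severity in the message tag with the `logging trap` level before suspecting the audit policy.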
