Home Up Feedback Contents Search Duke American History Cisco Downloads Favorite Links Free eMail Certificate Front Page Archive News Microsoft Stuff Patrick's Home Page Taxes Who Pays Top 10 List MP3 - UberShare Weekly Schedule MP3 Top Page 2 Technical Dictionary

Additional References
Links Additional References

 

      

Additional References

For additional information related to Firewall Intrusion Detection System (IDS) Signature Enhancements, refer to the following references:

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Related Documents

Related Topic Document Title

IDS information and configuration tasks

The chapter "Configuring Cisco IOS Firewall Intrusion Detection System" in the Cisco IOS Security Configuration Guide, Release 12.2

IDS commands

The chapter "Cisco IOS Firewall Intrusion Detection System Commands" in the Cisco IOS Security Command Reference , Release 12.2

Vulnerability statistics using SPA data that has been collected by the Cisco Secure Consulting Services

Cisco Secure Encyclopedia

Standards

Standards Title

None

MIBs

MIBs1 MIBs Link

None

To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at the following URL:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
1Not all supported MIBs are listed.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://tools.cisco.com/ITDIT/MIBS/servlet/index

If Cisco  MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco  MIBs page at the following URL:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:

http://www.cisco.com/register

RFCs

RFCs1 Title

RFC 0768

User Datagram Protocol

RFC 0791

Internet Protocol

RFC 0793

Transmission Control Protocol

RFC 1035

Domain Names—Implementation and Specification

RFC 1945

Hypertext Transfer Protocol -- HTTP/1.0

RFC 2616

Hypertext Transfer Protocol -- HTTP/1.1
1Not all supported RFCs are listed.

Technical Assistance

Description Link

Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/public/support/tac/home.shtml

Command Reference

This feature uses no new or modified commands. All other commands used with this feature are documented in the Cisco IOS Release 12.2 T command reference publications.

Glossary

ACL—access control list. ACL is a list kept by routers to control access to or from the router for a number of services (for example, to prevent packets with a certain IP address from leaving a particular interface on the router).

CBAC—Context-Based Access Control. CBAC is the protocol that provides internal users with secure access control for each application and for all traffic across network perimeters. CBAC enhances security by scrutinizing both source and destination addresses and by tracking the connection status of each application.

Compound—Type of attack signature that occurs across multiple packets on the context of a session (referred to as composite in the Network Security Database [NSDB].)

Cisco IOS Firewall IDS—The limited subset of Cisco Secure IDS features provided in Cisco IOS.

The Cisco IOS Firewall IDS feature supports intrusion detection technology for low-range to high-end router platforms with firewall support. It is ideal for any network perimeter, and especially for locations in which a router is being deployed and additional security between network segments is required. It also can protect intranet and extranet connections where additional security is mandated, and branch-office sites connecting to the corporate office or Internet.

Cisco Secure IDS—Enterprise-scale, real-time intrusion detection system designed to detect, report, and terminate unauthorized activity throughout a network.

NSDB—Network Security Database. A NSDB is a database that contains the collection of signatures defined and supported by Cisco Secure IDS.

SME—signature micro engine. SME is the code in Cisco Secure IDS that implements the state machine to process a given set of similar signatures.

SPA—Security Posture Assessment. Determines the most commonly found vulnerabilities.

Note   Refer to the Internetworking Terms and Acronyms for terms not included in this glossary.

 

Home ] Up ]

Send mail to webmaster@pbassogroup.com with questions or comments about this web site.
Copyright © 2003 P Basso Group, Inc.
Last modified: 12/16/03