04-23-2005 06:06 PM - edited 03-10-2019 01:25 AM
To allow any connection can I add an allowed hosts entry from 0.0.0.0 255.255.255.255 ? I need to temporarily grant all networks access to the IDS management.
04-25-2005 02:57 PM
It would probably be 0.0.0.0 0.0.0.0
04-26-2005 04:08 AM
Yes, this would work. Using 0.0.0.0/255.255.255.255 would actually only allow connections to the IDS from IP 0.0.0.0 (an unlikely case)...
The file you're messing with, just in case you want to figure it out in terms of the Linux distro underneath the Cisco IDS software, is /etc/hosts.allow
Any advice you might find via Google about how to configure TCP wrappers, which is what is being used to limit connections to TCP 22 and 443 on the Cisco sensor, will work (in theory).
The easiest thing, of course, is to configure 0.0.0.0/0.0.0.0 in the GUI (be it IDSMC or IDM) for the access list if you need to open access up to any host.
I guess I don't need to point out that this should be avoided whenever possible, but I'll throw it out there anyway. Granted, you still have a username/password pair protecting your sensor from unauthorized logins, but I think everyone agrees that the added restrictions imposed by TCP wrappers guarantee that you'll only have to deal with connections from "trusted" hosts.
I hope this helps,
Alex Arndt
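The difference between the two entries discussed in this thread, as an added example that is not part of the original posts or of Cisco's software: it applies the net/mask rule from hosts_access(5), where a client matches when net equals the client address ANDed with the mask. The function names and client addresses are constructed for illustration.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def parse_entry(entry):
    """Split 'net/mask' or 'net mask' into two 32-bit integers."""
    net, mask = entry.replace("/", " ").split()
    return int(ipaddress.IPv4Address(net)), int(ipaddress.IPv4Address(mask))

def matches(entry, client):
    """hosts_access(5) rule: match when net == (client address AND mask)."""
    net, mask = parse_entry(entry)
    return (int(ipaddress.IPv4Address(client)) & mask) == net

def audit(entry):
    """Classify how wide an allowed-hosts entry is."""
    net, mask = parse_entry(entry)
    if net & ~mask & MASK32:
        # A net with bits set outside the mask can never equal (addr AND mask).
        return "matches nothing (net has bits outside the mask)"
    if mask == 0:
        return "ANY host: management ports open to all networks"
    if mask == MASK32:
        return "single host only"
    # Every zero bit in the mask doubles the number of matching addresses.
    return f"{1 << bin(~mask & MASK32).count('1')} addresses"

if __name__ == "__main__":
    # Constructed sample entries and client addresses.
    entries = ["0.0.0.0/255.255.255.255", "0.0.0.0/0.0.0.0",
               "10.1.1.0/255.255.255.0"]
    clients = ["0.0.0.0", "10.1.1.5", "192.0.2.44"]
    for entry in entries:
        allowed = [c for c in clients if matches(entry, c)]
        print(f"{entry:26} {audit(entry)}; allows {allowed}")
```

Running an audit like this over the access list after the temporary change makes it easy to spot a leftover 0.0.0.0/0.0.0.0 entry.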