IDS v4.1 allowed hosts (permit any)

jason.aarons
Level 1

To allow any connection, can I add an allowed hosts entry from 0.0.0.0 255.255.255.255? I need to temporarily grant all networks access to the IDS management.


nkhawaja
Cisco Employee

It would probably be 0.0.0.0 0.0.0.0

Yes, this would work. Using 0.0.0.0/255.255.255.255 would actually only allow connections to the IDS from IP 0.0.0.0 (an unlikely case)...

The file you're messing with, just in case you want to figure it out in terms of the Linux distro underneath the Cisco IDS software, is /etc/hosts.allow

Any advice you might find via Google about how to configure TCP wrappers, which is what is being used to limit connections to TCP 22 and 443 on the Cisco sensor, will work (in theory).

The easiest thing, of course, is to configure 0.0.0.0/0.0.0.0 in the GUI (be it IDSMC or IDM) for the access list if you need to open access up to any host.

I guess I don't need to point out that this should be avoided whenever possible, but I'll throw it out there anyway. Granted, you still have a username/password pair protecting your sensor from unauthorized logins, but I think everyone agrees that the added restrictions imposed by TCP wrappers guarantee that you'll only have to deal with connections from "trusted" hosts.

I hope this helps,

Alex Arndt
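
The net/mask behaviour discussed in this thread, as an added example that is not part of the original posts and is not Cisco's code. It applies the TCP wrappers rule for `n.n.n.n/m.m.m.m` patterns (a client matches when its address ANDed with the mask equals the net) and flags permit-any entries so a temporary one is not forgotten; the sample entries and daemon names are constructed.

```python
import ipaddress

ALL_IPV4 = 2 ** 32

def parse_net_mask(pattern):
    """Return (net, mask) as ints for 'n.n.n.n/m.m.m.m', or None for other forms."""
    net_s, sep, mask_s = pattern.partition("/")
    if not sep:
        return None
    try:
        return int(ipaddress.IPv4Address(net_s)), int(ipaddress.IPv4Address(mask_s))
    except ipaddress.AddressValueError:
        return None

def matches(pattern, client_ip):
    """hosts_access rule: a client matches when (client AND mask) == net."""
    parsed = parse_net_mask(pattern)
    if parsed is None:
        return False
    net, mask = parsed
    return (int(ipaddress.IPv4Address(client_ip)) & mask) == net

def covered_hosts(pattern):
    """Count the IPv4 addresses a net/mask pattern admits."""
    net, mask = parse_net_mask(pattern)
    if net & ~mask & 0xFFFFFFFF:
        return 0  # net has bits outside the mask, so no address can match
    return 2 ** (32 - bin(mask).count("1"))

def audit(lines):
    """Return (daemon_list, pattern) for every entry that admits any host."""
    findings = []
    for line in lines:
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        daemons, _, rest = line.partition(":")
        for pat in rest.split(":")[0].replace(",", " ").split():
            net_mask = parse_net_mask(pat)
            if pat == "ALL" or (net_mask is not None and covered_hosts(pat) == ALL_IPV4):
                findings.append((daemons.strip(), pat))
    return findings

# Constructed sample entries, not copied from a real sensor.
SAMPLE = [
    "sshd : 10.1.1.0/255.255.255.0   # one management subnet",
    "sshd : 0.0.0.0/255.255.255.255  # admits only the host 0.0.0.0",
    "ALL : 0.0.0.0/0.0.0.0           # admits every IPv4 client",
]

if __name__ == "__main__":
    for daemons, pat in audit(SAMPLE):
        print(f"permit-any entry: {daemons} : {pat}")
```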
