Showing results for 
Search instead for 
Did you mean: 

IDS v4.1 allowed hosts (permit any)

Level 1
Level 1

To allow any connection can I add an allowed hosts entry from ? I need to temporarily grant all networks access to the IDS management.

2 Replies 2

Cisco Employee
Cisco Employee

it probably be

Yes, this would work. Using would actually only allow connections to the IDS from IP (an unlikely case)...

The file your messing with, just in case you want to figure it out in terms of the Linux distro underneath the Cisco IDS software, is /etc/hosts.allow

Any advice you might find via Google about how to configure TCP wrappers, which is what is being used to limit connections to TCP 22 and 443 on the Cisco sensor, will work (in theory).

The easiest thing, of course, is to configure in the GUI (be it IDSMC or IDM) for the access list if you need to open access up to any host.

I guess I don't need to point out that this should be avoided whenever possible, but I'll throw it out there anyway. Granted, you still have a username/password pair protecting your sensor from unauthorized logins but I think everyone agrees that the added restrictions imposed by TCP wrappers guarantees that you'll only have to deal with connections from "trusted" hosts.

I hope this helps,

Alex Arndt

Review Cisco Networking for a $25 gift card