Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
624
Views
0
Helpful
6
Replies

S189 resets some things to their default settings?

Go to solution
jchrisos
Level 1
Level 1

‎09-20-2005 05:16 AM - edited ‎03-10-2019 01:38 AM

I didn't see anything in the release notes or the readme that comes with the update, but where can I find a list of what changes are made after applying this upgrade?

The reason I ask is because I have ssh on a non-standard port. After installing this patch, ssh was changed back to port 22. Also, I was having RDEP errors.

Any body know what changes are made to the defaults?

Thanks,

Jim

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ibanezm
Level 1
Level 1

‎09-21-2005 07:54 AM

Jim,

Supported sensor configurations are preserved when upgrading to 4.1(5). Cisco only supports configurations using the CLI. The ssh port cannot be changed via the CLI. Changing system config files via the service account is not a good idea and not supported.

-Mario

View solution in original post

0 Helpful
6 Replies 6

Go to solution
ibanezm
Level 1
Level 1

‎09-21-2005 07:54 AM

Jim,

Supported sensor configurations are preserved when upgrading to 4.1(5). Cisco only supports configurations using the CLI. The ssh port cannot be changed via the CLI. Changing system config files via the service account is not a good idea and not supported.

-Mario

0 Helpful

Go to solution
jchrisos
Level 1
Level 1
In response to ibanezm

‎09-25-2005 12:48 AM

What does "not supported" exactly mean? If I change the ssh port, does that void my warranty or something? Or are you saying if I screw something up by changing the SSH port, Cisco won't help me fix it?

Thanks again!!!!!!!!

Jim

0 Helpful

Go to solution
ibanezm
Level 1
Level 1
In response to jchrisos

‎09-25-2005 03:54 PM

Jim - Doing non-supported configurations won't void your warranty. We'll do our best to help you. In this case it simply means that such system config file changes via the service account won't be preserved upon a subsequent upgrade.

0 Helpful

Go to solution
jchrisos
Level 1
Level 1
In response to ibanezm

‎09-25-2005 11:00 PM

I gotcha now. So that is the reason why my changes were lost then? Going from 4.1(4) to 4.1(5)?

Thanks again!

Jim

0 Helpful

Go to solution
randy.manning
Level 1
Level 1
In response to jchrisos

‎09-27-2005 07:03 AM

When I upgraded from sp 4 to sp 5 sig 189, I noticed NAC wouldn't shun connections, but hosts? Well, anyway... On Friday 9/23, upgrading from sig189 to sig191, my event filters for 3030 (which is configured to initiate a shun for that alert) stopped working and IDS started shunning servers that were once "protected" by the associated event filter. I downgraded back to 190 and the event filter started working again.

This ring a bell for anyone?

0 Helpful

Go to solution
ibanezm
Level 1
Level 1
In response to randy.manning

‎09-28-2005 07:07 AM

The event actions on 4.1(4) and 4.1(5) are the same:

log

reset

shunHost

shunConnection

ZERO

I just tested that event action configurations (including shunHost and shunConnection) are merged from 4.1(4) to 4.1(5)S189 to 4.1(5)S191. I configured additional signatures in each version and they were all preserved.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card