Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
559
Views
0
Helpful
2
Replies

Test IOS IPS

mike.f
Level 1
Level 1

‎07-21-2005 03:28 AM - edited ‎03-10-2019 01:33 AM

How do you test a IOS IPS setup on a routers external interface checking inbound data is

working.

I have set it to notify via syslog (ip ips notify log) and i know the syslog

is working as an ACL is also set to log to syslog and this is showing

results on the syslog server.

I have tried sending (what i'm told is a ping of death) to the routers

external interface (ping -l 65500 ipaddress) but this shows on the syslog

server as being denied by the ACL but dosen't trigger a signature in the

IPS.

Is there a way of testing it from a windows platform?

Labels:
0 Helpful
2 Replies 2

vasthorvak
Level 1
Level 1

‎07-26-2005 05:15 AM

try running a port scan on a network behind the router using something like

nmap -sT -T Insane "network here"

This should trigger an alert so you can test it.

0 Helpful

bramsamy
Level 1
Level 1
In response to vasthorvak

‎07-26-2005 05:40 AM

Generate the required traffic using the NMAP application

you can get the alert Messages from the router itself , Please make use of the SDEE messages which will give the Complete info of the alerts generated ,

eg :: ip ips sdee alerts

ip ips sdee events

Make sure the sdee is enabled on the router

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card