Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
499
Views
0
Helpful
1
Replies

How to Test the IDS

jacky.chan
Level 1
Level 1

‎11-10-2001 12:53 AM - edited ‎03-08-2019 09:07 PM

After installed the IDS, what kind of tools is recommended to test the functionality of the IDS?

Labels:
0 Helpful
1 Reply 1

msitzman
Cisco Employee
Cisco Employee

‎11-13-2001 04:28 PM

Once you have the system installed you can easily test that the sensor is seeing the packets, and alarming on the triggered signatures by enabling the icmp signatures and setting them to high priority, approving/applying the commands and then ping and address on the same segment as the sniffing interface of the sensor. If you get the alarms, you are in action but will probably then want to lower the priority or disable the icmp alarm back to how you had it set originally.

If you are not getting the alarm, you will need to troubleshoot from there- packetd running... sensor is seeing the packets on the sniffing port...

Hope this Helps...

Marcus

0 Helpful
Customers Also Viewed These Support Documents