
IDS version 3.0(2)S6 Upgrade

mjuckett
Level 1

Hi,

I recently read about the new service pack for Netranger. I already have the sensor upgraded to 3.0(1)S7. Will I need to reinstall the latest signature pack after installing the service pack? Also, is there a mailing list I can get on to learn of these updates?

Thanks in advance.

6 Replies

sboutchyard
Level 1

I haven't seen this service pack yet. Did you receive Cisco notification?

I read about it at this website:

<http://www.theregister.co.uk/content/55/21573.html>

And I received the download from here:

<ftp://ftp-eng.cisco.com/csids-sig-updates/ServicePacks/IDSk9-sp-3.0-1.43-S6-0.43-.bin>

No, I did not receive Cisco notification. I usually read about a patch here in this forum or elsewhere. I have yet to receive notification from Cisco about any patch.

Megan

This service pack is a Beta release that adds additional decoding algorithms to the sensor. These algorithms are needed for the sensor to accurately deal with certain encoding techniques that could be used to obfuscate or hide web traffic. It was released in Beta form to provide our customers with the most timely mechanism to protect against these new encoding techniques. This service pack has not completed QA and therefore there may be defects that we are currently unaware of in the software.

If this service pack is installed it will cause some difficulty in upgrading your systems in the future, as the installers will recognize this as a Beta and won't want to install an FCS over it. There is a workaround for this. If you decide to install this Beta on your system I would recommend that after installation you manually change the following entry in your IMAGE_VERSION file located in /usr/nr on the sensor:

change the line that reads 3.0(1.43)S5(0.43) to 3.0(1)S6

This will allow our installers to view the system as a base install 3.0(1)S6 sensor and you can then treat it as such. You will have to reapply the S7 sigupdate as this Beta is based on an S6 signature file.

Please note that in dealing with the TAC on any problems that you may encounter with this Beta you will have to identify it as v3.0(1.43)S5(0.43) or they will mistakenly attribute the problems to the incorrect binary file.

scothrel
Level 3

The following URL will take you to an email notification subscription form. We normally (I think we may have missed a few around S5/S6) put out an email notification for updates and patches.

http://www.cisco.com/warp/public/779/largeent/it/ids_news/subscribe.html

Scott Cothrell

So when is the final release date, and will it contain S8 sigs so organizations will not have to reapply any current config?

We should be releasing in 2-3 weeks barring any complications in QA. When we release the FCS version it will be released bound with the most recent signature update. At the moment I would predict S9, but it could be S10. S8 will be posted sometime this week so I'm sure that we will be beyond it.

KLW