Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
10
Helpful
2
Replies

Is ERASE BACKUP the same as wr erase on a router?

yulan.lee
Level 1
Level 1

‎10-04-2004 05:10 PM - edited ‎03-09-2019 08:59 AM

What is the equivalent of 'wr erase', reload of a router to IDS configuration? If I do "erase backup" and "erase current" will that the wipe out all the current config on IDS, and reload with a fresh, initial config?

What is the command to show me the current signature patch that I have?

Do I need to add updated signature file incrementally, one by one? Or, can I load the most recent one and it covers all the previous ones? Are the signature file incremental or accumulative?

Do I use “upgrade” command on the IDS to download the signatures from FTP server the same as I upgrade the IOS on IDS?

Labels:
0 Helpful
2 Replies 2

pcomeaux
Cisco Employee
Cisco Employee

‎10-04-2004 06:52 PM

Here's the results of the commands:

Question 1 -

sensor#erase current-config

WARNING: Removing the current-config file will result in all configuration being reset to default, including system information such as IP address.

Continue?:Yes

sensor#

Question 2 -

sensor#show version

Application Partition:

Cisco Systems Intrusion Detection Sensor, Version 5.0(1)S45

OS Version 2.4.18-5smpbigphys

Platform: IDS-4250-XL

Sensor up-time is 6 days

Using 406511616 out of 1846276096 bytes of available memory (22% usage)

Using 544M out of 15G bytes of available disk space (4% usage)

MainApp 2003_Jan_23_02.00 (Release) 2003-01-23T02:00:25-0600 Running

AnalysisEngine 2003_Jan_23_02.00 (Release) 2003-01-23T02:00:25-0600 Running

Authentication 2003_Jan_23_02.00 (Release) 2003-01-23T02:00:25-0600 Running

Logger 2003_Jan_23_02.00 (Release) 2003-01-23T02:00:25-0600 Running

NetworkAccess 2003_Jan_23_02.00 (Release) 2003-01-23T02:00:25-0600 Running

TransactionSource 2003_Jan_23_02.00 (Release) 2003-01-23T02:00:25-0600 Running

WebServer 2003_Jan_23_02.00 (Release) 2003-01-23T02:00:25-0600 Running

CLI 2003_Jan_17_18.33 (Release) 2003-01-17T18:33:18-0600

Upgrade History:

*IDS-min-4.1-1-S43 20:40:16 UTC Mon Feb 03 2003

IDS-maj-5.0-1-S45.rpm.pkg 20:43:18 UTC Mon Feb 03 2003

Recovery Partition Version 1.1 - 4.0(1)S37

Question 3

To get to the latest signature update, be sure to read the requirements in the Readme file for the signature update. Most, if not all, require a Service Pack as a minimum requirement.

As an example, to update to the latest signature release S117, the sensor first needs to report S91.

Here's a snip from the Readme for S117.

"The sensor must report the version of sensor as 4.1(4)S91 or later

before you can apply this signature update. To determine the current

sensor version, log in to CLI and type the following command at the

prompt:

show version

Version 4.1(1)S47 to 4.1(3)S61 sensors must first be updated with the

4.1(4)S91 Service Pack before applying the 4.1(4)S117 Signature Update.

Install the following binary:

IDS-K9-sp-4.1-4-S91.rpm.pkg"

So the signature updates are cummulative, but Service Packs change the OS and are required to be stepped through from the initial version of the sensor.

Question 4 -

Yes - you can perform the SP or Sig upgrade from the command line or from IDM or from IDS MC.

Here's a snip from the command reference:

"Use the upgrade command to apply a service pack, signature update or image upgrade.

upgrade source-url"

The source-url can be Http, Ftp, SCP or https.

Here's the link to the Signature Updates:

http://www.cisco.com/cgi-bin/tablebuild.pl/ids4-sigup

Here's the link to the Service Packs:

http://www.cisco.com/cgi-bin/tablebuild.pl/ids4

Here's the link to the Command Reference Guide:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/cmdref/15599ch2.htm

Let us know if you have other questions.

thanks

peter

ps - please remember to rate the posts!

jimwelsh
Level 1
Level 1

‎10-04-2004 07:06 PM

The "erase current-config" command is the equivalent of "write erase", except that it doesn't need a reboot:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/cmdref/15599ch2.htm#378079

The "erase backup-config" command will erase the configuration stored in the backup-config storage location. It has no effect on the actual configuration of the sensor.

The "show version" command shows the installed OS packages, signature packages, and IDS process running on the system.

Service packs must be installed sequentially; signature updates only require you to install the most recent one. Signature updates are accumulative.

Yes, use the "upgrade" command to apply signature updates, too.

Customers Also Viewed These Support Documents