Initializing the IOS Firewall IDS

Only two commands initialize Cisco IOS Firewall IDS on a router. This section introduces the purpose, syntax, and examples of each.

The ip audit smtp spam Command

Use the global configuration mode command ip audit smtp spam to set the threshold beyond which you suspect e-mail messages contain spam. Use the no version of this command to set the number of recipients to the default setting. The syntax is

Rtr1(config)#ip audit smtp spam recipients
Rtr1(config)#no ip audit smtp spam

recipients

Integer (1–65535) that designates the maximum number of recipients in a mail message before a spam attack is suspected. The default is 250.

This command was introduced in IOS 12.0(5)T. The default is 250.

The following example changes the maximum number of e-mail recipients to 70:

Rtr1(config)#ip audit smtp spam 70

The ip audit po max-events Command

Use the global configuration mode command ip audit po max-events to specify the maximum number of event notifications placed in the router's event queue. Events beyond this limit are dropped from the queue of notifications waiting to be sent to the Cisco Secure IDS Director. This command can be used regardless of whether the Cisco Secure IDS Director is used. Use the no version of this command to return the number to the default setting. The syntax is

Rtr1(config)#ip audit po max-events number-of-events
Rtr1(config)#no ip audit po max-events

number-of-events

Integer (1–65535) that designates the maximum number of events allowed in the router event queue. Increasing this number could impact memory and performance—each event in the queue requires 32KB of memory.

This command was introduced in IOS 12.0(5)T. The default is 100.

The following example changes the maximum number of events queued to 50:

Rtr1(config)#ip audit po max-events 50
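
The following added example (not from the original text or from Cisco) checks a candidate configuration, given as plain command lines without the router prompt, against the ranges and defaults stated above and estimates the worst-case event queue memory. The function names audit_ids_init and queue_memory_kb and the sample configuration are assumptions made for illustration.

```python
import re

# Ranges, defaults and the per-event memory cost are the values stated in this section.
SETTINGS = {
    "ip audit smtp spam": {"default": 250, "min": 1, "max": 65535},
    "ip audit po max-events": {"default": 100, "min": 1, "max": 65535},
}
EVENT_KB = 32  # memory required per queued event

LINE_RE = re.compile(
    r"^\s*(?P<no>no\s+)?(?P<cmd>ip audit smtp spam|ip audit po max-events)"
    r"(?:\s+(?P<val>\S+))?\s*$"
)

def audit_ids_init(config_text):
    """Return (effective_values, findings) for the two initialization commands."""
    effective = {cmd: s["default"] for cmd, s in SETTINGS.items()}
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated configuration line
        cmd, spec = m["cmd"], SETTINGS[m["cmd"]]
        if m["no"]:
            effective[cmd] = spec["default"]  # the no form restores the default
            continue
        val = m["val"]
        if val is None or not re.fullmatch(r"[0-9]+", val) or not spec["min"] <= int(val) <= spec["max"]:
            findings.append(f"line {lineno}: '{cmd}' value {val!r} outside {spec['min']}-{spec['max']}")
            continue  # rejected value leaves the previous setting in place
        effective[cmd] = int(val)
    return effective, findings

def queue_memory_kb(effective):
    """Worst-case event queue memory in KB at 32 KB per event."""
    return effective["ip audit po max-events"] * EVENT_KB

# Constructed sample configuration (not taken from a real router).
SAMPLE = """\
hostname Rtr1
ip audit smtp spam 70
ip audit po max-events 50
ip audit po max-events 70000
"""

if __name__ == "__main__":
    eff, issues = audit_ids_init(SAMPLE)
    print(eff, queue_memory_kb(eff), issues)
```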



