今天主要测试了NM-CIDS模块(当初为什么没有买好一点的呢。。。)主要就是一探针,里面sig设置还是满复杂的,顺便update了一下;首先,了解了一下升级包的含义:比如:IPS-K9-maj-5.0-1-S149.rpm.pkgmaj代表主要升级IPS-K9-min-5.1-1g.pkgmin代表次要升级IPS-K9-sp-5.1-3.pkgsp代表服务包(更加次要)IPS-K9-r-1.1-a-5.1-1.pkgr代表恢复升级(这里的恢复指IDS的系统恢复)注意,大部分升级都是每年才一次的,自由IPS-SIG的才是每周,不过这次没有弄到由于手头的IDS已经是5.0,因此做了min升级之后,接下来的sp升级log出来看看:sensor(config)#:upgrade [url]ftp://10.1.1.100/IPS-K9-sp-5.1-3.pkg[/url]User: aaPassword: **Warning: Executing this command will apply a service pack to the application partition. The system may be rebooted to complete the upgrade.Continue with upgrade? []: yesBroadcast Message from root@sensor(somewhere) at 15:07 ...Applying update IPS-K9-sp-5.1-3.pkg. IPS applications will be stopped and system will be rebooted after upgrade completes .Broadcast Message from root@sensor(somewhere) at 15:07 ...Shutting down IPS applications. Applications will be restarted when update iscomplete..接下来就重启了:Broadcast Message from root@sensor(somewhere) at 15:09 ...Update completeSending SIGKILL to all processes.Please stand by while rebooting the system.flushing ide devices: hdaRestarting system.Initializing memory. Please wait. 512 MB SDRAM detected……………………………………此处省略N内容实际上就是linux的引导过程,redhat的。这也是为什么IPS可以装在PC上的原因。升级完成后我们看看:sensor# sh verApplication Partition:Cisco Intrusion Prevention System, Version 5.1(3)S240.0Host:Realm Keys key1.0Signature Definition:Signature Update S240.0 2006-07-12Virus Update V1.2 2005-11-24OS Version: 2.4.26-IDS-smp-bigphysPlatform: NM-CIDSSerial Number: FOC09300A19Trial license, expires: 06-Jan-2007 UTCSensor up-time is 2 min.Using 215048192 out of 509448192 bytes of available memory (42% usage)system is using 17.4M out of 29.0M bytes of available disk space (60% usage)application-data is using 42.4M out of 174.7M bytes of available disk space (26% usage)boot is using 35.0M out of 75.9M bytes of available disk space (49% usage)application-log is using 49.8M out of 2.8G bytes of available disk space (2% usage)MainApp 2006_Jun_28_03.30 (Release) 2006-06-28T04:17:58-0500 RunningAnalysisEngine 2006_Jun_28_03.30 (Release) 2006-06-28T04:17:58-0500 RunningCLI 2006_Jun_28_03.30 (Release) 2006-06-28T04:17:58-0500Upgrade History:* IPS-K9-min-5.1-1 05:47:00 UTC Tue Nov 15 2005IPS-K9-sp-5.1-3.pkg 07:07:41 UTC Thu Nov 30 2006Recovery Partition Version 1.1 - 5.1(1)好,都已经打上去了;接下来升级recovery applicationsensor# conf tsensor(config)# upgrade [url]ftp://10.1.1.100/IPS-K9-r-1.1-a-5.1-1.pkg[/url]User: aaPassword: **Warning: Executing this command will re-image the recovery partition. The system may be rebooted to complete the upgrade.Continue with upgrade? []: yesBroadcast Message from root@sensor(somewhere) at 15:15 ...Applying update IPS-K9-r-1.1-a-5.1-1.pkg这个升级是不用重启的;这样,就升级完成了。easy把~~~
本文转自 beansprouts 51CTO博客,原文链接:http://blog.51cto.com/netwalk/66263,如需转载请自行联系原作者