Show all intrusion prevention based counters related to fired signatures etc
Step 1 Log in to the CLI using an account with administrator privileges.
Step 2 Display many signature related counters as well as many cool others..
Step 1 Log in to the CLI using an account with administrator privileges.
Step 2 Display the list of denied IP addresses:
sensor# show statistics denied-attackers
Denied Attackers and hit count for each.
10.20.4.2 = 9
10.20.5.2 = 5
The statistics show that there are two IP addresses being denied at this time.
Step 3 Delete the denied attackers list:
sensor# clear denied-attackers
Warning: Executing this command will delete all addresses from the list of attackers
currently being denied by the sensor.
Continue with clear? [yes]:
Step 4 Enter yes to clear the list.
Step 5 Delete the denied attackers list for a specific virtual sensor:
sensor# clear denied-attackers vs0
Warning: Executing this command will delete all addresses from the list of attackers being
denied by virtual sensor vs0.
Continue with clear? [yes]:
Step 6 Enter yes to clear the list.
Step 7 Remove a specific IP address from the denied attackers list for a specific virtual sensor:
sensor# clear denied-attackers vs0 ip-address 10.1.1.1
Warning: Executing this command will delete ip address 10.1.1.1 from the list of attackers
being denied by virtual sensor vs0.
Continue with clear? [yes]:
Step 8 Enter yes to clear the list.
Step 9 Verify that you have cleared the list:
You can use the show statistics denied-attackers or show statistics virtual-sensor command.
sensor# show statistics denied-attackers
16-16
Configuring the Cisco Intrusion Prevention System Sensor Using the Command Line Interface 6.0
OL-8826-01
Chapter 16 Administrative Tasks for the Sensor
Clearing the Denied Attackers List
Denied Attackers and hit count for each.
Denied Attackers and hit count for each.
Statistics for Virtual Sensor vs0
Denied Attackers with percent denied and hit count for each.
Denied Attackers with percent denied and hit count for each.
Statistics for Virtual Sensor vs1
Denied Attackers with percent denied and hit count for each.
Denied Attackers with percent denied and hit count for each.
sensor#
sensor# show statistics virtual-sensor
Virtual Sensor Statistics
Statistics for Virtual Sensor vs0
Name of current Signature-Definition instance = sig0
Name of current Event-Action-Rules instance = rules0
List of interfaces monitored by this virtual sensor = mypair
Denied Address Information
Number of Active Denied Attackers = 0
Number of Denied Attackers Inserted = 2
Number of Denied Attackers Total Hits = 287
Number of times max-denied-attackers limited creation of new entry = 0
Number of exec Clear commands during uptime = 1
Denied Attackers and hit count for each.
Step 10 To clear only the statistics:
sensor# show statistics virtual-sensor clear
Step 11 Verify that you have cleared the statistics:
sensor# show statistics virtual-sensor
Virtual Sensor Statistics
Statistics for Virtual Sensor vs0
Name of current Signature-Definition instance = sig0
Name of current Event-Action-Rules instance = rules0
List of interfaces monitored by this virtual sensor = mypair
Denied Address Information
Number of Active Denied Attackers = 2
Number of Denied Attackers Inserted = 0
Number of Denied Attackers Total Hits = 0
Number of times max-denied-attackers limited creation of new entry = 0
Number of exec Clear commands during uptime = 1
Denied Attackers and hit count for each.
10.20.2.5 = 0
10.20.5.2 =