Dalam beberapa hari ini serangan cyber sangat banyak yang masuk, sehingga beberapa kali memaksa saya untuk melakukan bypass DPI scan di IPS IBM XGS 4100 karena mulai tidak kuat cpu data plane nya.
Cara untuk melakukan bypass DPI scan di IPS IBM XGS 4100 adalah :
1. Masuk ke console IPS dengan ssh :
JKT-KBG3-IPS1-XGS41>
2. Coba ketik "help" untuk melihat daftar perintah :
JKT-KBG3-IPS1-XGS41> help
Current mode commands:
analysis Work with packet analysis features.
certificates Work with certificates.
cleanup Clean up temporary files.
firmware Work with firmware images.
fixpacks Work with fix packs.
license Work with licenses.
logs Work with log files.
management Work with management settings.
opensig Profiling information for Open Signatures.
protection Work with protection interfaces.
services Work with certain system services.
session Work with user sessions.
snapshots Work with policy snapshot files.
ssh Work with SSH keys.
stats Work with product statistics/status.
support Work with support information files.
sysinfo Work with system/hardware information.
tools Work with diagnostic tools.
updates Work with firmware and security updates.
Global commands:
back Return to the previous command mode.
exit Log off from the appliance.
help Display information for using the specified command.
reboot Reboot the appliance.
shutdown End system operation and turn off the power.
top Return to the top level.
3. Masuk ke menu analysis :
JKT-KBG3-IPS1-XGS41> analysis
JKT-KBG3-IPS1-XGS41:analysis>
4. Ketik perintah untuk bypass nya :
JKT-KBG3-IPS1-XGS41:analysis> dpi off
DPI is bypassed.
This setting may be reverted upon next packet processing service restart.
5. Nanti untuk menghidupkan DPI scan nya lagi dengan perintah :
JKT-KBG3-IPS1-XGS41:analysis> dpi on
DPI is active.
Semoga bermanfaat untuk pembaca semua.
Dony Ramansyah
site : http://donyramansyah.net
blog : dony-ramansyah.blogspot.com
email : dony.ramansyah[at]gmail.com
Registered linux user : ID 40017
Tidak ada komentar:
Posting Komentar