ESR series service routers.ESR-Series. User manual
•
•
•
Step Description Command Keys
2 Specify a name and enter the
configuration mode of the user
update server.
esr(config-ips-auto-upgrade)#
user-server <WORD>
<WORD> – server name, set by the
string of up to 32 characters.
3 Specify the description of the user
update server (optional).
esr(config-ips-upgrade-user-
server)# description
<DESCRIPTION>
<DESCRIPTION> – description, set by
the string of up to 255 characters.
4 Specify URL. esr(config-ips-upgrade-user-
server)# url <URL>
<URL> – text field containing URL link
of 8-255 characters length.
As an URL-links can be specified:
rule file with the .rule
extension;
rule classifier file named
classification.config;
directory on the server
containing rule files and/or
rule classifier file.
5 Set the frequency for update
checking (optional).
esr(config-ips-upgrade-user-
server)# upgrade interval
<HOURS>
<HOURS> – update interval in hours,
from 1 to 240.
Default value: 24 hours
13.6.3 Recommended open rule update source
https://sslbl.abuse.ch/ SSL Blacklist contains lists of 'bad' SSL certificates, i.e. certificates in respect of
which the fact of their use by malware and botnets has been established. The lists
contain SHA1 fingerprints of public keys from SSL certificates.
https://feodotracker.abuse.ch/ Feodo Tracker – list of management servers for the Feodo Trojan. Feodo (also known
as Cridex or Bugat) is used by cybercriminals to steal sensitive information in the field
of electronic banking (credit card information, logins/passwords) from users'
computers. Currently, there are four versions of the Trojan (versions A, B, C and D),
mainly distinguished by the infrastructure of control servers.
•
•
For IPS/IDS rules loaded from external sources, a separate area of volatile memory is allocated on
ESR routers.
The size of this area depends on the ESR model:
ESR-1X – 25 MB;
ESR-2X – 50 MB.
For all other models - 100 MB.
If you configure too many rule sources or load rules that exceed the specified limits, the router will
generate error messages: %STORAGE_IPS_MGR-I-ERR: There is no free space in rules directory
error.