Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] What is the URL for the Deep Inspection Attack database?

0

0

Article ID: KB7315 KB Last Updated: 14 Oct 2016Version: 8.0
Summary:
This article provides information about the URL for the Deep Inspection Attack database.
Symptoms:

If you are experiencing issues with downloading the Deep Inspection Signature, the following event log message might be generated:

Cannot download attack database ... (Error in response).
Solution:

Make sure the attack database server URL is correct; it should be https://services.netscreen.com/restricted/sigupdates.  You could also leave this field blank and ScreenOS will still know how to retrieve it; based on the license key.

The path for each ScreenOS release is slightly different; the version number changes to reflect the OS release that is running on the device.  The URL is:

https://services.netscreen.com/restricted/sigupdates/<sos.version>/<platform>/attacks.bin?sn=xxxxxxxxxxxxxxxx

NOTE:
The <platform> value for 5200 and 5400 are both: ns5000
The <platform> value for ISG1000 is the SAME as the value for the ISG2000:  isg2000
The <platform> value for any SSG devices is ssg<type>

For example:
For an ISG1000 running ScreenOS version 6.2, the url is:
https://services.netscreen.com/restricted/sigupdates/6.2/isg2000/attacks.bin?sn=xxxxxxxxxxxxxxxx

For an ns5200 running ScreenOS version 6.3, the url is:
https://services.netscreen.com/restricted/sigupdates/6.3/ns5000/attacks.bin?sn=xxxxxxxxxxxxxxxx

For a SSG550 device that is running ScreenOS version 6.2, the URL is:
https://services.netscreen.com/restricted/sigupdates/6.2/ssg550/attacks.bin?sn=xxxxxxxxxxxxxxxx

If you are still experiencing issues with downloading the DI signature database to the device , telnet to the NetScreen device and run

debug httpfx all and
debug pki detail.

This will help JTAC determine where the issue lies.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search