Offline download IDP signature file

[SRX] How to update IDP Signature Database off-line ( Easier way to do it )


compare the version installed and the latest version	Check server root@SRX340-1-Rack104> show security idp security-package-version Attack database version:N/A(N/A) Detector version :12.6.160121210 Policy template version :N/A root@SRX340-1-Rack104> request security idp security-package download check-server Successfully retrieved from(https://signatures.juniper.net/cgi-bin/index.cgi). Version info:3162(Detector=12.6.160180509, Templates=3162) Netbox@SRX340-1-Rack104> request services application-identification download check-server Download server URL: https://signatures.juniper.net/cgi-bin/index.cgi Sigpack Version: 3161 Protobundle version: 1.380.0-60.105 Build Time: Jan 13 2019 23:05:04

	here Expand source here
idp folder and detector-capabilities	idp folder Expand source % ls -al /var/db/idpd/sec-download/ total 1484 drwxr-xr-x 3 root wheel 512 Dec 15 2017 . drwxr-xr-x 7 root wheel 512 Dec 15 2017 .. -rw-r--r-- 1 root wheel 721970 Dec 15 2017 detector-capabilities.xml drwxr-xr-x 2 root wheel 512 Dec 15 2017 sub-download more /var/db/idpd/sec-download/detector-capabilities.xml
application id folder and manifest.xml file	manifest.xml only xml.gz id files Expand source % more /var/db/appid/sec-download/manifest.xml \| grep "xml.gz</id" <id>application_groups.xml.gz</id> <id>application_groups2.xml.gz</id> <id>applications.xml.gz</id> <id>applications2.xml.gz</id> <id>contexts.xml.gz</id> <id>filters.xml.gz</id> <id>groups.xml.gz</id> <id>platforms.xml.gz</id> <id>products.xml.gz</id> <id>services.xml.gz</id> <id>SignatureUpdate.xml.gz</id> <id>templates.xml.gz</id> download manifest wget -O manifest.xml "https://signatures.juniper.net/xmlupdate/226/Manifest/3161/manifest.xml" Also: wget -O manifest.xml "https://signatures.juniper.net/cgi-bin/index.cgi?device=jsrx340&adv_dev_info=srx340&feature=idp&os=15.1&build=49&dfa=hs&detector=12.6.160121210&from=&to=latest&type=manifest&sn=CY3016AF0008&release=150.2" PS C:\Users\jkriker\Documents\script> ls Directory: C:\Users\jkriker\Documents\script Mode LastWriteTime Length Name ---- ------------- ------ ---- -a---- 16/04/2019 13:46 5379 manifest.xml -a---- 16/04/2019 12:48 4269066 SignatureUpdate.xml.gz PS C:\Users\jkriker\Documents\script\appid> more .\manifest.xml \| grep "xml.gz</url>" \| sed s/<url>// \| sed s/<\/url>// \| sed s/.*https/https/ > .\download-file-list.txt PS C:\Users\jkriker\Documents\script\appid> more .\download-file-list.txt https://signatures.juniper.net/xmlupdate/226/ApplicationGroups/3161/application_groups.xml.gz https://signatures.juniper.net/xmlupdate/226/ApplicationGroups/3161/application_groups2.xml.gz https://signatures.juniper.net/xmlupdate/226/Applications/3161/applications.xml.gz https://signatures.juniper.net/xmlupdate/226/Applications/3161/applications2.xml.gz https://signatures.juniper.net/xmlupdate/226/Contexts/3161/contexts.xml.gz https://signatures.juniper.net/xmlupdate/226/Filters/3161/filters.xml.gz https://signatures.juniper.net/xmlupdate/226/Groups/3161/groups.xml.gz https://signatures.juniper.net/xmlupdate/226/Platforms/3161/platforms.xml.gz https://signatures.juniper.net/xmlupdate/226/Products/3161/products.xml.gz https://signatures.juniper.net/xmlupdate/226/Services/3161/services.xml.gz https://signatures.juniper.net/xmlupdate/226/SignatureUpdates/3161/SignatureUpdate.xml.gz https://signatures.juniper.net/xmlupdate/226/Templates/3161/templates.xml.gz
determine the file to download	download file !!!!!!!! some web browser have some problem with the xml file >>>>>> using wget instead ( on powershell/windoes or linux ) !!!!!!!!!!!!!! Netbox@SRX340-1-Rack104> request security idp security-package download check-server Successfully retrieved from(https://signatures.juniper.net/cgi-bin/index.cgi). Version info:3161(Detector=12.6.160180509, Templates=3161) PS C:\Users\jkriker\Documents\script> ls Directory: C:\Users\jkriker\Documents\script Mode LastWriteTime Length Name ---- ------------- ------ ---- d----- 16/04/2017 12:00 test1 d----- 17/04/2017 19:03 Test2 -a---- 13/10/2018 13:28 466 napalm_config.py -a---- 16/04/2019 12:48 4269066 offline-update.xml.gz Then put it in the /var/tmp folder PS C:\Users\jkriker\Documents\script> sftp Netbox@172.30.95.210:/var/tmp/ Password: Connected to 172.30.95.210. Changing to: /var/tmp/ sftp> put SignatureUpdate.xml.gz Uploading SignatureUpdate.xml.gz to /cf/var/tmp/offline-update.xml.gz SignatureUpdate.xml.gz 100% 4169KB 631.5KB/s 00:06 sftp> ls SignatureUpdate.xml.gz appidd_trace_debug gres-tp install phone-home pics policy_status rtsdb sd-upgrade sec-download spu_kmd_init usb vi.recover Also can be done like in the KB. PS C:\Users\jkriker\Documents\script> wget "https://signatures.juniper.net/cgi-bin/index.cgi?device=jsrx340&adv_dev_info=srx340&feature=idp&os=15.1&build=49&dfa=hs&platform_ver sion=&detector=12.6.160121210&from=&to=latest&type=offline&sn=CY3016AF0008&release=150.2" -O offline-update.xml.gz OLD: determine the file to download Expand source Netbox@SRX340-1-Rack104> show security idp security-package-version Attack database version:N/A(N/A) Detector version :12.6.160121210 <<<<<<<<< installed Policy template version :N/A Netbox@SRX340-1-Rack104> request security idp security-package download check-server Successfully retrieved from(https://signatures.juniper.net/cgi-bin/index.cgi). Version info:3161(Detector=12.6.160180509, Templates=3161) The latest one is: Detector=12.6.160180509 https://signatures.juniper.net/cgi-bin/index.cgi?device=jsrx340&adv_dev_info=&feature=idp&os=15.1&build=49&dfa=hs&detector=12.6.160171124&from=&to=latest&type=offline <<<<<<< type= "offline" https://signatures.juniper.net/cgi-bin/index.cgi? device=jsrx340& adv_dev_info=& feature=idp& os=15.1& build=49& dfa=hs&detector=12.6.160171124& from=&to=latest&type=offline ---------------------------------------------------------------------------------------------------- junos command to provide the answer device=jsrx340& os=15.1& build=49& Netbox@SRX340-1-Rack104> show version Hostname: SRX340-1-Rack104 Model: srx340 Junos: 15.1X49-D150.2 JUNOS Software Release [15.1X49-D150.2]
idp offline-download	offline-download Netbox@SRX340-1-Rack104> request security idp security-package offline-download ? Possible completions: <[Enter]> Execute this command package-path Package path of the zipped security package status Retrieve the status of offline package download operation \| Pipe through a command Netbox@SRX340-1-Rack104> request security idp security-package offline-download package-path ? Possible completions: <package-path> Package path of the zipped security package Netbox@SRX340-1-Rack104> request security idp security-package offline-download package-path /cf/var/home/Netbox/offline-update.xml.gz Will be processed in async mode. Check the status using the status checking CLI Netbox@SRX340-1-Rack104> request security idp security-package offline-download status Done;Signature package offline download Successful. Netbox@SRX340-1-Rack104> request security idp security-package install Netbox@SRX340-1-Rack104> request security idp security-package install status