Focus on IDS Mode:
(Page 6 of 199)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-26
Bikram Gupta (bikramkgupta gmail com) (2 replies)
Scenario: Perimeter IPS deployment, with Stateful firewall at the egress point.

Traffic from out to in: Firewall will block all unsolicited UDP ports.
For the UDP ports where traffic is allowed (RTP data etc) through
firewall, do I have to pass it though IPS engine? Will there be cases
of exploits

[ more ]  [ reply ]
RE: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-26
Addepalli Srini-B22160 (saddepalli freescale com) (1 replies)
Re: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-27
Bikram Gupta (bikramkgupta gmail com) (1 replies)
RE: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-28
Addepalli Srini-B22160 (saddepalli freescale com)
Re: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-26
Jamie Riden (jamie riden gmail com) (1 replies)
Collaborative Network Forensics 2009-08-23
kowsik (kowsik gmail com)
We took the recently published ITOC dataset and the CCTF captures from
Shmoo group (total of 15.0 GBytes, 26.3 million packets), indexed them
to enable contextual search and instant access to packets, not to
mention HN/Twitter-style one-liners attached to packets and searches
for a community oriente

[ more ]  [ reply ]
So long and thanks a bunch! 2009-08-15
alfredhuger (at) winterhope (dot) com [email concealed] (alfredhuger winterhope com)
Pen-Test and Focus-IDS readers,

I wanted to send a quick note to those of you on these two lists who
have been long time subscribers and supporters of them. I long ago
gave up the moderation of the lists (to far more capable hands than
mine) but I have followed them faithfully for nearly a decade.

[ more ]  [ reply ]
IPS-Builder 2009-08-11
Augusto Pereyra (aepereyra gmail com) (1 replies)
Hi list:

I' d like to share with all, this script made by me based on root0
script for ips instalation.
This script was tested on fedora 9 but it should work in fedora 10 too.
You need 3 network interfaces (One for management and two for the bridge)
I

When the script finish his execution you will

[ more ]  [ reply ]
Re: IPS-Builder 2009-08-13
BlueT (bluet bluet org)
Reputation based IPS/IDS - Cisco's tested 2009-08-11
Joel Snyder (Joel Snyder Opus1 COM) (1 replies)
Some of you may remember our discussion back in November, 2008 about
using reputation services in IPS. (search for subject line "Email
reputation for inout to IDSs?" if you want to read it).

Anyway, I was given a chance to test Cisco's 7.0 IPS that includes the
Ironport SenderBase/SensorBase re

[ more ]  [ reply ]
Re: Reputation based IPS/IDS - Cisco's tested 2009-08-22
Frank Knobbe (frank knobbe us) (1 replies)
Re: Reputation based IPS/IDS - Cisco's tested 2009-08-24
Gautam Singaraju (gautam singaraju gmail com)
AW: IPS - Cisco vs. McAfee vs. Tippingpoint 2009-08-11
Daniel, Akos (a daniel iq-optimize de) (1 replies)
Hi,

That makes our life hard, for one question we have got ~12 Solution from different Manufacturers. As I see, it is not easy to choose 'the best solution', there is too much good idea from different manufacturers on the market and the key benefits of a product differ at each unique Customer/User.

[ more ]  [ reply ]
Re: AW: IPS - Cisco vs. McAfee vs. Tippingpoint 2009-08-13
Seth Hall (hall 692 osu edu)
Content Inspection - Statistical methods 2009-08-08
Glenn Wilkinson (glenn wilkinson gmail com) (2 replies)
Hello IDS folks,

I'm currently doing a mini-project involving applying machine learning
techniques to the identification of hostile network traffic. My focus
is on TCP traffic, and I'm looking at header and content based
inspection. I'm wrapping up my feature extraction code now, whereby
I've impor

[ more ]  [ reply ]
Re: Content Inspection - Statistical methods 2009-08-11
Richard Bejtlich (taosecurity gmail com) (1 replies)
Re: Content Inspection - Statistical methods 2009-08-12
Jamie Riden (jamie riden gmail com) (1 replies)
Re: Content Inspection - Statistical methods 2009-08-13
Stefano Zanero (zanero elet polimi it)
Re: Content Inspection - Statistical methods 2009-08-11
Federico Maggi (federico maggi gmail com)
Re: IPS - Cisco vs. McAfee vs. Tippingpoint 2009-07-30
Paul Schmehl (pschmehl_lists tx rr com)
--On Thursday, July 30, 2009 04:09:32 -0500 Hurgel Bumpf
<l0rd_lunatic (at) yahoo (dot) com [email concealed]> wrote:

>
>
> Hi Paul,
>
> thank you for your valuable input.
>
> The box was definately not overloaded, it just ran amok killing sessions :)

Wouldn't that be the definition of overloaded? :-)

>
> Please see my ans

[ more ]  [ reply ]
(Page 6 of 199)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus