Focus on IDS Mode:
(Page 10 of 199)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Call for Participation - DIMVA 2009 2009-05-18
Sebastian Schmerl (sbs Informatik TU-Cottbus DE)
(We apologize if you receive multiple copies of this message.)
----------------------------------------------------------------------
C A L L F O R P A R T I C I P A T I O N
======================================================================

DIMVA

[ more ]  [ reply ]
Single Stage Attacks? 2009-05-17
snort user (snort user gmail com) (2 replies)
Greetings All,

Typically, network based attacks have multiple stages.
(reconnaissance, infection, download rootkit, call home, further infection etc)

Some attacks may have a single stage (without reconnaissance) to
compromise a host.
However, even those attacks have a post-compromise stage, such a

[ more ]  [ reply ]
Re: Single Stage Attacks? 2009-05-19
dreamwvr (dreamwvr dreamwvr com)
Re: Single Stage Attacks? 2009-05-19
Jamie Riden (jamie riden gmail com)
Evasion with OLE2 Fragmentation 2009-05-15
H D Moore (sflist digitaloffense net)
This applies more to AVs than IPS, but is yet another thing for IDS sig
developers to be aware of:
-
http://www.breakingpointsystems.com/community/blog/evasion-with-ole2-fra
gmentation

"At BreakingPoint, we provide comprehensive coverage of Microsoft Tuesday
patches. This Tuesday was no diff

[ more ]  [ reply ]
Yanýt: Checkpoints Smartdefense as an IPS 2009-05-15
a bv (vbavbalist gmail com)
Thanks for the answers, and let me go to further questions.

If you are using smartdefense how do you manage/how often do you
update/and what do you do to get most from it?

regards

2009/4/29, John Jasen <jjasen (at) realityfailure (dot) org [email concealed]>:
> a bv wrote:
>> Hi list,
>>
>> I want to ask to list for the opin

[ more ]  [ reply ]
[ask]Generating signatures using Honeycomb 2009-05-10
topimiring yahoo com
Hi guys,
I've just succesfully deployed honeyd and honeycomb on my virtual network under user mode linux env. What should I do to start generating snort signatures from honeycomb ? what kind of traffic should i send to honeyd host in order to generate the snort signatures?

Thank you

[ more ]  [ reply ]
RE: x-forwarded-for an IDS capability 2009-04-29
Hellman, Matthew (Hellman Matthew principal com) (2 replies)
I believe that the original poster is trying to deal with the problem of not having the true source IP address for a given IDS alarm specifically because of a forwarding proxy or NAT device on his own network. The mistake in my response may be that I'm assuming the user is concerned with his OWN sou

[ more ]  [ reply ]
Re: x-forwarded-for an IDS capability 2009-05-07
Jason Haar (Jason Haar trimble co nz) (1 replies)
Re: x-forwarded-for an IDS capability 2009-05-08
James (jimbob coffey gmail com) (1 replies)
Re: x-forwarded-for an IDS capability 2009-05-10
bartlettNSF (bartlettNSF comcast net)
Re: x-forwarded-for an IDS capability 2009-04-29
Arian J. Evans (arian evans anachronic com)
Fwd: x-forwarded-for an IDS capability 2009-04-29
Arian J. Evans (arian evans anachronic com)
inline. re-send as plaintext.

On Wed, Apr 29, 2009 at 7:55 AM, Hellman, Matthew
<Hellman.Matthew (at) principal (dot) com [email concealed]> wrote:
>
> That's a nice idea, I personally haven't seen or heard of it being implemented.
> If you can get a trace with the alert you might see it there. Also, a SIM should
> be able to

[ more ]  [ reply ]
x-forwarded-for an IDS capability 2009-04-29
James (jimbob coffey gmail com) (3 replies)
Hi List,

Does anyone know of an IDS vendor/or opensource product that has the
capability of associating
an ip address in an x-forwarded-for http header with an IDS event ?
This includes events that fire on a download as well so there would
need to be some
kind of internal http state management.

I

[ more ]  [ reply ]
Re: x-forwarded-for an IDS capability 2009-04-29
Seth Hall (hall 692 osu edu)
RE: x-forwarded-for an IDS capability 2009-04-29
Hellman, Matthew (Hellman Matthew principal com)
Re: x-forwarded-for an IDS capability 2009-04-29
Arian J. Evans (arian evans anachronic com)
Checkpoints Smartdefense as an IPS 2009-04-28
a bv (vbavbalist gmail com) (4 replies)
Hi list,

I want to ask to list for the opinion on Checkpoints Smartdefense. For
the past and current users , how enough/successfull do you find it as
an ips for your enterprise? Do you use additional ids/ips if so what
purposes and to monitor what segments/parts of your infrastructure.?
And how do

[ more ]  [ reply ]
Re: Checkpoints Smartdefense as an IPS 2009-04-29
John Jasen (jjasen realityfailure org)
Re: Checkpoints Smartdefense as an IPS 2009-04-28
Jaime Díaz (jndiaz gmail com)
Re: Checkpoints Smartdefense as an IPS 2009-04-28
Laurens Vets (laurens daemon be)
Re: Checkpoints Smartdefense as an IPS 2009-04-28
Tommy May (tommymay comcast net)
Re: PCI DSS 11.1 - ".. deploying a wireless IDS/IPS..". Kismet+Snort? 2009-04-27
Jeremy Bennett (jeremyfb mac com)
Emm,

A laptop with a wifi interface connected to the network with the intention
of extending the network into wireless is just as much of a threat as an
unauthorized AP. However, most laptops that are connected to the LAN are not
connected with the goal of extending the network. Most of them just h

[ more ]  [ reply ]
(Page 10 of 199)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus