Colapse all |
Post message
Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-26 Bikram Gupta (bikramkgupta gmail com) (2 replies) RE: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-26 Addepalli Srini-B22160 (saddepalli freescale com) (1 replies) Re: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-27 Bikram Gupta (bikramkgupta gmail com) (1 replies) RE: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-28 Addepalli Srini-B22160 (saddepalli freescale com) Re: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-26 Jamie Riden (jamie riden gmail com) (1 replies) Re: Excluding the bulk of UDP from IPS processing - What's the impact? 2009-08-26 Joel Jaeggli (joelja bogus com) Collaborative Network Forensics 2009-08-23 kowsik (kowsik gmail com) We took the recently published ITOC dataset and the CCTF captures from Shmoo group (total of 15.0 GBytes, 26.3 million packets), indexed them to enable contextual search and instant access to packets, not to mention HN/Twitter-style one-liners attached to packets and searches for a community oriente [ more ] [ reply ] So long and thanks a bunch! 2009-08-15 alfredhuger (at) winterhope (dot) com [email concealed] (alfredhuger winterhope com) Pen-Test and Focus-IDS readers, I wanted to send a quick note to those of you on these two lists who have been long time subscribers and supporters of them. I long ago gave up the moderation of the lists (to far more capable hands than mine) but I have followed them faithfully for nearly a decade. [ more ] [ reply ] IPS-Builder 2009-08-11 Augusto Pereyra (aepereyra gmail com) (1 replies) Hi list: I' d like to share with all, this script made by me based on root0 script for ips instalation. This script was tested on fedora 9 but it should work in fedora 10 too. You need 3 network interfaces (One for management and two for the bridge) I When the script finish his execution you will [ more ] [ reply ] Reputation based IPS/IDS - Cisco's tested 2009-08-11 Joel Snyder (Joel Snyder Opus1 COM) (1 replies) Some of you may remember our discussion back in November, 2008 about using reputation services in IPS. (search for subject line "Email reputation for inout to IDSs?" if you want to read it). Anyway, I was given a chance to test Cisco's 7.0 IPS that includes the Ironport SenderBase/SensorBase re [ more ] [ reply ] Re: Reputation based IPS/IDS - Cisco's tested 2009-08-22 Frank Knobbe (frank knobbe us) (1 replies) Re: Reputation based IPS/IDS - Cisco's tested 2009-08-24 Gautam Singaraju (gautam singaraju gmail com) AW: IPS - Cisco vs. McAfee vs. Tippingpoint 2009-08-11 Daniel, Akos (a daniel iq-optimize de) (1 replies) Hi, That makes our life hard, for one question we have got ~12 Solution from different Manufacturers. As I see, it is not easy to choose 'the best solution', there is too much good idea from different manufacturers on the market and the key benefits of a product differ at each unique Customer/User. [ more ] [ reply ] Content Inspection - Statistical methods 2009-08-08 Glenn Wilkinson (glenn wilkinson gmail com) (2 replies) Hello IDS folks, I'm currently doing a mini-project involving applying machine learning techniques to the identification of hostile network traffic. My focus is on TCP traffic, and I'm looking at header and content based inspection. I'm wrapping up my feature extraction code now, whereby I've impor [ more ] [ reply ] Re: Content Inspection - Statistical methods 2009-08-11 Richard Bejtlich (taosecurity gmail com) (1 replies) Re: Content Inspection - Statistical methods 2009-08-12 Jamie Riden (jamie riden gmail com) (1 replies) Re: IPS - Cisco vs. McAfee vs. Tippingpoint 2009-07-30 Paul Schmehl (pschmehl_lists tx rr com) --On Thursday, July 30, 2009 04:09:32 -0500 Hurgel Bumpf <l0rd_lunatic (at) yahoo (dot) com [email concealed]> wrote: > > > Hi Paul, > > thank you for your valuable input. > > The box was definately not overloaded, it just ran amok killing sessions :) Wouldn't that be the definition of overloaded? :-) > > Please see my ans [ more ] [ reply ] |
Privacy Statement |
Traffic from out to in: Firewall will block all unsolicited UDP ports.
For the UDP ports where traffic is allowed (RTP data etc) through
firewall, do I have to pass it though IPS engine? Will there be cases
of exploits
[ more ] [ reply ]