Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

focus-ids logo IDS mailing list archives

Alarm response strategies
From: "(infor) urko zurutuza" <uzurutuza () eps mondragon edu>
Date: Fri, 23 Jul 2004 09:35:24 +0200
  Hi all,

    May we discuss on which are the strategies that the IPS vendors use to prevent/respond from/to attacks?

- When do they change a firewall rule
- When to reset a connection
- When to create an ACL on a router


Are all of the responses used with a logical sense?
Should they been used depending on the type of the attack?
Only depends on the capability of each vendor?
What more strategies are there?

Thank you in advance,
__________________________________________________
MONDRAGON UNIBERTSITATEA
Urko Zurutuza
Dpto. Informática
Loramendi 4 - Aptdo.23
20500 Arrasate-Modragon
Tel. +34 943 739636 // +34 943 794700 Ext.297
www.eps.mondragon.edu
uzurutuza () eps mondragon edu



--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]