Security Basics mailing list archives
Re: ASA with IPS
From: Omar Salvador Alcalá Ruiz <oalcala () scitum com mx>
Date: Tue, 28 Sep 2010 19:25:50 -0500
If the asa fw/ips is your main source for attacks, then the noise will be there forever.
Keep in mind that FWs report all hits on a specific rule. The outbound FW will receive too much garbage from "the
wild". That said, the "deny all" rule will keep u with tons of logs, and your monitoring is useless from that
standpoint.
I would recommend to establish what you want to monitor and bear in mind that the least place where you will get
appropriate information is the deny all rule from the outbound FW/IPS. Moreover, what you need is some SIEM tool that
will help u accomplish your attack alerting levels. I believe you might need different sources, to get appropriate logs
in order to get attack reports
Hth
Omar
------Original Message------
From: Dan Vultur
To: security-basics () securityfocus com
Subject: ASA with IPS
Sent: Sep 28, 2010 02:47
Hello list,
I am interested in tunning the IPS on the ASA we have in the company and I would
like to know where can I find some quick tips/rules.
The point is that I receive a lot of e-mail, noise, for every packet that comes
from the internet so I want to refine the alerting level but still be proactive
about attacks that may occur.
Many thanks,
Dan
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
--------------------------
Sent from my mobile device
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Current thread:
- ASA with IPS Dan Vultur (Sep 28)
- RE: ASA with IPS Andy Tornquist (Sep 28)
- RE: ASA with IPS Steven C Holmes (Sep 28)
- Re: ASA with IPS Kellstr (Sep 30)
- Re: ASA with IPS Richard Robins (Sep 30)
- Re: ASA with IPS Dan Vultur (Sep 30)
- RE: ASA with IPS Andy Tripp (Sep 30)
- Re: ASA with IPS paulosterwald (Sep 30)
- Re: ASA with IPS Ramki B Ramakrishnan (Sep 30)
- <Possible follow-ups>
- Re: ASA with IPS Omar Salvador Alcalá Ruiz (Sep 30)