Packet, denies all the that paritcular packet inline, However deny attacker denies all other packets from the same attacker, irrespective of their severity.
Deny attacker inline: This action is the most severe and effectively blocks all communication from the attacking host that passes through the IPS for a specified period of time. Because this event action is severe, administrators are advised to use this only when the probability of false alarms or spoofing is minimal. Deny packet inline: This action prevents the specific offending packet from reaching its intended destination. Other communication between the attacker and victim or victim network may still exist. This action is appropriate when there is the potential for a false alarm or spoofing. Note that for this action, the default time has no effect. FNK On Sun, Sep 25, 2011 at 12:51 PM, Adil Pasha <[email protected]> wrote: > Guys, > > Very basic question. > > What is the difference between "deny packet inline" and "deny Attacker > inline" ? > > I am doing YB Lab 1 and there is a question to drop connection for Kazaa. > > > Best Regards. > ______________________ > Adil > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
