Can anyone please tell me some of the causes of false positives on the Cisco 4250 IDS sensors. The obvious signs that I know of are idle telnet sessions and tcp connections that have remained open for a long period of time. Any more help would be much appreciated.
Thanks in advance ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
