I ran into the term "default blocking policy" on the list a couple of times, defining the signatures vendors are feeling at ease blocking.
Do you find it is a strong enough list of exploits or are things still missing? Do they generate false alarms resulting in blocking users? ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
