The courseware does not come with a lab, so I used syn4k and nmap to attack a firewall.  CPMAD is enabled by default, but I had to enable port scan detection.  CPMAD did absolutely nothing.  And I could have easily filled the hard drive with log entries. 4000 entries in about 45 seconds.
 
Does anyone out there have experience with CPMAD and actually use it, or has anyone seen it work?  It defaults to fwalert, but no alerts showed up in system status.
 
I am looking for those with actual experience only.  I am not looking for web links.
