Hallo I have implemented RealSecure 6.5 into the network. We have solaris and NT Server. I have configured the policy to see only the attacks which are importnat for our environment.
Now I see the following events in a high number (on a network sensor) coming from the outside of our network but there are only from interest, when they are attacking an NT machine. I see every attack, on solaris or nt. HTTP_NIMDA HTTP_CODE_RED HTTP_HEAD How must I configure the Policiy to see only the critical events. How can I minimize the numbers of such Events in an acceptable way. I hope somebody can help me, I am new in IDS. -- Mit freundlichen Gruessen - Yours sincerely Thorsten Ohler Diplom Wirtschaftsinformatiker (BA) Sparkassen-Versicherung Baden-W�rttemberg Informatikdienste (SVI) GmbH Mannheim Netz- und Telekommunikationstechnik (ZS3) mailto: [EMAIL PROTECTED] Telefon: 0711-898-1410 Handy: 0177-7230778 This email is confidential. If you are not the intended recipient, you must not disclose or use the information contained in it. If you have received this mail in error, please tell us immediately by return email and delete the document. "Wahres Wissen beruht auf Erfahrung, alles andere ist nur Information." - Albert Einstein - _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
