I wouldn't mind seeing some myself, what I have done basically is gone thru all my different zones, seeing via the firewalls, ISS Security Scans, what ports are open and or vulnerable, and that's what I have set on my Sensor Policies customized for each zone. Any Tron rules I have mostly set on the Internet Facing sensors.
Jeff -----Original Message----- From: Mohamed HAMOUCH [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2003 11:50 AM To: [EMAIL PROTECTED] Subject: [ISSForum] Need documents on tuning RealSecure Hi All, I'm looking for any document that explains how to tune Realsecure so that it logs and/or display only the important attacks : some kind of "best practices" on dealing with Realsecure Policy. We're using "the behind firewall" policy which we edited to disable some signatures but a great amount of events are still logged and displayed ( such as nimda, activex...). But scrolling thru all these events take plenty of time and resources. How to achieve this ? Any help would be so appreciated. Best Regards. ./Mohamed. _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
