|
Hi All,
Quick question on creating (or 'deriving new') policy from
ISS's default 'Attack Detector' policy. What are the recommended
signatures to configure RSKILLS for to protect the internal network with a
version 7 network sensor? Or do I have to go through the whole list and either
guess at which ones I should be protected from or do I go through the present
analysis and whatever tag names show up I configure the policy to send RSKILLS
to. The latter seems a little backwards, as in configuring the
protection AFTER the attack....Sorry if this is a dumb question but I am new
with the ISS IDS.
Thanks in advance! Michael
Michael G. Montgomery, MCSE, CCNP, CCSA
Senior Consultant Portola Systems, Inc. Computer Network Engineering and Integration [EMAIL PROTECTED] www.portolasystems.net 707.824.8800 Ext. 15 707.824.8866 FAX |
BEGIN:VCARD VERSION:2.1 X-GWTYPE:USER FN:Michael Montgomery TEL;WORK:707-824-8800 x15 TEL;PREF;FAX:707-824-8866 EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED] N:Montgomery;Michael TITLE:Senior Consultant END:VCARD
