|
Hi All,
Quick question on creating (or 'deriving new') policy from
ISS's default 'Attack Detector' policy. What are the recommended
signatures to configure RSKILLS for to protect the internal network with a
version 7 network sensor? Or do I have to go through the whole list and either
guess at which ones I should be protected from or do I go through the present
analysis and whatever tag names show up I configure the policy to send RSKILLS
to. The latter seems a little backwards, as in configuring the
protection AFTER the attack....Sorry if this is a dumb question OR the
wrong place to ask this question but I am new with the ISS
IDS.
Thanks in advance! Michael
|
- RE: [ISSForum] Attack Policy Best Practice issforum-admin
- RE: [ISSForum] Attack Policy Best Practice issforum-admin
- RE: [ISSForum] Attack Policy Best Practice issforum-admin
- RE: [ISSForum] Attack Policy Best Practice issforum-admin
- RE: [ISSForum] Attack Policy Best Practice issforum-admin
