Intrusion Prevention


Ask questions and share experiences on intrusion detection and prevention (IDP).
  • 1.  IDP policy

    Posted 01-01-2010 03:57

    I want to ask:


    1- What is the difference b/w action none and ignore?

    2- What is the difference b/w just logging and log packets?



  • 2.  RE: IDP policy
    Best Answer

    Posted 01-01-2010 11:46



    Q1: Both take no action, but ignore also ignores the remainder of the session; no further scanning.


    Q2: Logging logs the match on a signature (found this or that); log packets saves some packets around the attack for further analysis with e.g. Wireshark.

  • 3.  RE: IDP policy

    Posted 01-02-2010 13:00