Intrusion Prevention

 View Only
last person joined: 10 days ago 

Ask questions and share experiences on intrusion detection and prevention (IDP).
  • 1.  SRX Firewall IPS Deployment

    This message was posted by a user wishing to remain anonymous
    Posted 12-09-2021 05:44
    This message was posted by a user wishing to remain anonymous

    I have SRX345 in a lab and I need to simulate IPS by simulating some attacks. IPS is updated online but recently IPS validity expired. 

    I have launched attacks using HPING against the web server and other attacks using Kali Linux. My web server is freezing during the attack but I do not see any IPS events in the logs.

    Could someone share the GUI steps to enable IPS for all the signatures so that I can see the logs for IPS ?


  • 2.  RE: SRX Firewall IPS Deployment

    Posted 02-16-2022 09:33
    From a Kali linux computer via SRX, try running the Openvas Vulnerability Scanner towards the metasploitable computer.
    So it will be clearer.

    ------------------------------
    BADMA BUTAEV
    ------------------------------



  • 3.  RE: SRX Firewall IPS Deployment

    Posted 02-17-2022 09:38
    What IPS template are you using?

    ------------------------------
    Chris Hale
    ------------------------------



  • 4.  RE: SRX Firewall IPS Deployment

    Posted 02-17-2022 10:56
    Client-And-Server-Protection

    Client-And-Server-Protection-1G

    ------------------------------
    Badma Butaev
    ------------------------------