[7.851][BUG][DUPLICATE] Top blocked attacks doesnt show and ips goes to ids mode

Hello Friends!

please check log

it doesnt show any ips alert or doesnt count on dashboard or on network security tab
after ips detect it seems it went to ids mode why ?(please correct me if i am making mistake)

thanks

Parents

0 anonymous_02 over 15 years ago

It goes to IDS mode after a restart ("Enabling inline operation").
That is ok, since the IPS is implemented as IDS + Packet Filter.
So the blocking (prevention) is done via iptables.

Regards,
Daniel
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 utm_kid over 15 years ago in reply to anonymous_02

Ok !

understood it there was no count on dashboard not even network security did not show any thing found, even today

2010:01:07-18:38:08 acenn snort[6268]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="alert" reason="DOS DNS root query traffic amplification attempt" group="520" srcip="192.168.2.225" dstip="192.168.2.100" proto="17" srcport="1034" dstport="53" sid="15259" class="Misc activity" priority="3" generator="1" msgid="0"

it did not show any thing

thanks
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 utm_kid over 15 years ago in reply to anonymous_02

Ok !

understood it there was no count on dashboard not even network security did not show any thing found, even today

2010:01:07-18:38:08 acenn snort[6268]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="alert" reason="DOS DNS root query traffic amplification attempt" group="520" srcip="192.168.2.225" dstip="192.168.2.100" proto="17" srcport="1034" dstport="53" sid="15259" class="Misc activity" priority="3" generator="1" msgid="0"

it did not show any thing

thanks
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data