Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 524 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Newbie to Intrusion Protection - Please Help

dayne1432
I was checking out the IPS rules and found that most of the backdoor hacks action setting (either warn or drop) is just set to warn. I don't know about you but I don't want lame hackers using netbus or Subseven infultrating my network. I also don't want to be warned about it I want them stopped in their tracks.

I thought ASL by default was secure. The only thing stopping the hackers then is the packet filters. Or am I wrong?


This thread was automatically locked due to age.
  • 0
    Some rules have false positives, so it is often more reasonable to warn than drop.

    If you have (windows) machines vulnerable to such exploits, then maybe it is more reasonable to drop.

    Also, note that most of such incoming traffic wouldn't reach your INT machines, only possibly DMZ machines you have open internet ports on.

    Barry