This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NNTP blocked bei IPS after Update 7.508

Hi,

since 7.508 Update NNTP will be blocked by IPS.

I will get this IPS log, when trying to access support-forums.novell.com:

id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="NNTP XHDR buffer overflow attempt" group="500" srcip="130.57.5.50" dstip="10.130.0.115" proto="6" srcport="119" dstport="1558" sid="12636" class="Attempted User Privilege Gain" priority="1" generator="3" msgid="0"

Ho w can I change this behaviour?
Markus

This thread was automatically locked due to age.

Parents

0 BAlfson over 14 years ago

I think you're understanding it correctly.

In the past, Astaro deactivated some rules in the standard setup. This got them some bad publicity in early 2009 because a well-known magazine ranked them below others. Not one Astaro customer complained of having been attacked successfully, but the point was made, and Astaro decided to upgrade IPS and include every rule. The good news is that it's "better." The bad news is that it takes more effort to use it and keep it from disrupting things.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 14 years ago

I think you're understanding it correctly.

In the past, Astaro deactivated some rules in the standard setup. This got them some bad publicity in early 2009 because a well-known magazine ranked them below others. Not one Astaro customer complained of having been attacked successfully, but the point was made, and Astaro decided to upgrade IPS and include every rule. The good news is that it's "better." The bad news is that it takes more effort to use it and keep it from disrupting things.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data