https://community.cisco.com/t5/network-security/ids/m-p/325777#M98238 <HTML><HEAD></HEAD><BODY><P>Hi sushil</P><P></P><P>IDS can be configured to drop packets. IDS basically can do the following:</P><P></P><P>log, reset tcp, shun connection &amp; shun host..</P><P></P><P> IDS has a list of predefined attacks called signatures. You can manually configure a signature and set it to block a host or connection or reset the tcp session. by default logging is enabled on signatures.</P><P></P><P>for eg, you have a sync attack from one of the host, which the IDS detects from its signature database. You , as an administrator, can manually go to the signature and configure it as "shun host" or "shun connection" to block the packets. blocking can be done on a firewall or a router, which will act parallel to the IDS.</P><P></P><P>hope this helps.. for more information you can visit <A class="jive-link-custom" href="http://www.cisco.com/go/ids" target="_blank">www.cisco.com/go/ids</A></P><P></P><P>Raj</P></BODY></HTML> Mon, 24 Jan 2005 10:27:28 GMT sachinraja 2005-01-24T10:27:28Z https://community.cisco.com/t5/network-security/ids/m-p/325776#M98237 <P>Hi,</P><P></P><P>Does IDS drops packets????</P><P>If yes then in what conditions?</P><P></P><P>Thanks</P> Sun, 10 Mar 2019 09:14:38 GMT https://community.cisco.com/t5/network-security/ids/m-p/325776#M98237 sushilk 2019-03-10T09:14:38Z https://community.cisco.com/t5/network-security/ids/m-p/325777#M98238 <HTML><HEAD></HEAD><BODY><P>Hi sushil</P><P></P><P>IDS can be configured to drop packets. IDS basically can do the following:</P><P></P><P>log, reset tcp, shun connection &amp; shun host..</P><P></P><P> IDS has a list of predefined attacks called signatures. You can manually configure a signature and set it to block a host or connection or reset the tcp session. by default logging is enabled on signatures.</P><P></P><P>for eg, you have a sync attack from one of the host, which the IDS detects from its signature database. You , as an administrator, can manually go to the signature and configure it as "shun host" or "shun connection" to block the packets. blocking can be done on a firewall or a router, which will act parallel to the IDS.</P><P></P><P>hope this helps.. for more information you can visit <A class="jive-link-custom" href="http://www.cisco.com/go/ids" target="_blank">www.cisco.com/go/ids</A></P><P></P><P>Raj</P></BODY></HTML> Mon, 24 Jan 2005 10:27:28 GMT https://community.cisco.com/t5/network-security/ids/m-p/325777#M98238 sachinraja 2005-01-24T10:27:28Z