Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
721
Views
0
Helpful
1
Replies

IDS

Go to solution
sushilk
Level 1
Level 1

‎01-24-2005 01:54 AM - edited ‎03-10-2019 01:14 AM

Hi,

Does IDS drops packets????

If yes then in what conditions?

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sachinraja
Level 9
Level 9

‎01-24-2005 02:27 AM

Hi sushil

IDS can be configured to drop packets. IDS basically can do the following:

log, reset tcp, shun connection & shun host..

IDS has a list of predefined attacks called signatures. You can manually configure a signature and set it to block a host or connection or reset the tcp session. by default logging is enabled on signatures.

for eg, you have a sync attack from one of the host, which the IDS detects from its signature database. You , as an administrator, can manually go to the signature and configure it as "shun host" or "shun connection" to block the packets. blocking can be done on a firewall or a router, which will act parallel to the IDS.

hope this helps.. for more information you can visit www.cisco.com/go/ids

Raj

View solution in original post

0 Helpful
1 Reply 1

Go to solution
sachinraja
Level 9
Level 9

‎01-24-2005 02:27 AM

Hi sushil

IDS can be configured to drop packets. IDS basically can do the following:

log, reset tcp, shun connection & shun host..

IDS has a list of predefined attacks called signatures. You can manually configure a signature and set it to block a host or connection or reset the tcp session. by default logging is enabled on signatures.

for eg, you have a sync attack from one of the host, which the IDS detects from its signature database. You , as an administrator, can manually go to the signature and configure it as "shun host" or "shun connection" to block the packets. blocking can be done on a firewall or a router, which will act parallel to the IDS.

hope this helps.. for more information you can visit www.cisco.com/go/ids

Raj

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card