Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1048
Views
0
Helpful
1
Replies

Signature for web scanning

alkabeer80
Level 1
Level 1

‎12-20-2012 04:57 AM - edited ‎03-10-2019 05:51 AM

Hi, i have webserver and i want to block scan for website using IPS ( any type of scan which reveals server infomoration).

Is there any signature used, if not can i create custom signature (how i can do it)

thankssssssssssss                  

Labels:
0 Helpful
1 Reply 1

_____Adam
Level 1
Level 1

‎12-21-2012 08:16 AM

The only generic signature I see that is available here is 5724.0 which detects the Nikto scanner.

Many of these web scanners use specific techniques that we will block in generic web vulnerability signatures but they are not called out specifically as blocking a scanner.

For example you can try enabling the 5930 signatures for SQL injection protection.

If you want to create a custom signature, please follow this guide:

http://www.cisco.com/web/about/security/intelligence/ips_custom_sigs.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card