I'm trying to track down what I believe is a false positive for Rustock Botnet sig 17363-3. This is a "service HTTP" signature and it indicates "yes" on specify URI regex, specify header regex and specify request regex, but the regex field is blank ...
Using IDS Sensor version 3.x, one could configure a Router's syslog to point to a Sensor, and configure the Sensor to treat Router ACL violations from syslog as Events and report them to CSPM. Now that Sensor ver 3.x and CSPM are end-of-life, we are u...