Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
hi, anyone has any sample configurations ? i just look at look at pdf guide and could not understand it. a few questions too. 1. The IPS signature id 13000 +- is using 'traffic anomaly engine' , it is related to AD settings ? is it correct to say th...
hi, lately i've been hammered badly by this signature. the funny thing is the destination ports are highports ,etc 1025,5000,etc (non netbios) . i noticed this signature has been firing frequently since ms08-067. anyone having the same experience ? i...
hi cisco, i find that there are no-viewable regex for some of cisco IPS signature version 6 rules. eg . 7280 sub 0. Can i confirm that cisco has hide all these important rule from being displayed? thanks
hi, yes it's related to that. i'm using the exploit for that vulnerability and it triggered signature 8 only. i think this means sub id 8 should be quite important right?
Hi martin,thanks for the reply. I've tried RPC DCOM exploit over this signature. only the subsig 8 was triggered upon the exploit attempt. Do you think this signature is important ?
