Got confused after reading some articles recently... Has the OSI reference model become obsolete and has been superseded by the TCP/IP reference model? Can someone please help with the facts??
Can following be termed as false positives in Intrusion Prevention System (IPS) ?
1Application is not used in the entire infrastructure2Events where victim IP address does not exist3Application is not hosted on the server any more and .vhd file has ...
The Cisco ASA-IPS events show huge attacking IP addresses and we wanted to find out if the attacking IPs are blacklisted...
Can some help with, genuine site for bulk checking of blacklisted IP addresses????
Tried MxToolBox for individual IPs...
Thank you Rick... Feel privileged to have a VIP and Founder member of Hall of Fame responding...
Any reading share, that will help me deep dive in this topic?
Thank you for your reply but my query is, attack from external IP on internal IP where the IPS report publishes internal IP on which there was an attack tried by the external IP...