Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
RITgrad2008
Level 1
Level 1
Member since ‎06-12-2007
‎08-18-2017
Recent Badges
Awards

User Statistics

  • 14 Posts
  • 1 Solutions
  • 0 Helpful votes Given
  • 0 Helpful votes Received
Recent Badges
See all
10 Replies
5 Replies

User Activity

TCP Hijack/TCP Segment Overwrite false positives?

10-15-2007
Hello all,I was just curious if anyone else has had many false positives with 3 signatures in particular: TCP Hijack (3250.0 - High), TCP Hijack Simplex Mode (3251.0 - High), and TCP Segment Overwrite (1300.0 - High). The reason I think they are fals...

MARS tutorials and references

08-23-2007
Hello all,I was wondering if anyone had any good MARS tutorials or reference materials? I can't seem to make this thing do anything useful, partly due to rather limited access to the program, but mainly due to my lack of knowledge of what it can pote...

TCP SYN Host Sweep (3030.0) Firing Excessively

08-20-2007
Hello all,We recently added a bunch of IPS to our internal networks (we originally only had them on the perimeter). Since we implemented these IPS (running 5.x), we have seen a massive increase in the number of TCP SYN Host Sweeps.I looked a little f...

Finding better IPS signature documentation?

06-19-2007
Hello,I'm currently interning at a company using many of Cisco's IPS/IDS. One of my primary responsibilities is researching signatures used by the various devices to get a better understanding of what signatures should be activated.I am have an extre...
Community Statistics
Member Since ‎06-12-2007 10:26 AM
Date Last Visited ‎08-18-2017 03:56 AM
Posts 14