About ismael.lezcano

ismael.lezcano · 01-29-2002

Hi. I'm trying to use STATE.HTTP to detect the User-Agent header of all my inbound Web traffic and parse the value of it to detect crawlers, robots, etc. Any suggestions?

ismael.lezcano · 03-15-2002

This alarm fires with the destination of 207.189.143.11, not the source.

ismael.lezcano · 03-12-2002

Same here. Dating at least back to Feb 11, the last alarm firing Last Friday, March 8.

ismael.lezcano · 01-29-2002

It almost did. My previous attempts did not take in all the rules for Regular Expressions. Following your example I have configured the sensor, however packetd now refuses to start. I get "W WARNING suppressed while parsing global parameter" messages...

ismael.lezcano · 08-31-2001

Check out NetForensics. They do IDS, PIX, IOS ACLS, etc. We demoed it here. It's got a heafty price tag and also a large administistrative demand, but I'm not aware of any competitor.

Member Since	‎06-09-2001 02:02 PM
Date Last Visited	‎08-18-2017 03:50 AM
Posts	5

User Statistics

User Activity

Using SigWiz to detect crawlers and robots.

Re: Sig 6302 Loki Alarms on Spyware?

Re: Sig 6302 Loki Alarms on Spyware?

Re: Using SigWiz to detect crawlers and robots.

Re: Cisco Secure IDS (NetRanger) High Level Reporting