About tami.martin

tami.martin · 07-21-2008

I've found signature to detect SSH traffic on a non-standard port (not port 22), but is there a signature that detects non-ssh traffic on port 22? Alternatively, is there any suggestions on how to create a custom signature to do this? We are also l...

tami.martin · 07-25-2007

Is there a signature available for the new Bind 9 DNS Cache Poisoning vulnerability/exploit.See referencehttp://www.securityfocus.com/bid/25037/info

tami.martin · 01-18-2007

I am using RDEP to subscribe to IDS sensors and retrieve alerts. In a specific signature I am interested in the content of the traffic from the attacker and victim. In the XML format for RDEP, this content seems encrypted in some way, what format i...

tami.martin · 09-25-2006

What does it mean when an alert lists 0.0.0.0 as the source that triggered the signature?

tami.martin · 07-27-2005

Can anyone tell me how to test or trigger a signature to determine if shun requests from the master blocking sensor (MBS) are actually resulting in shuns in the PIX? Can this same procedure be applied to FWSMs?

tami.martin · 01-04-2006

I installed release S211 (modified 5693-1 signature) and attempted to download an WMF file across the sensor, but the signature did not fire. What causes the WMF signature to fire?

tami.martin · 08-05-2005

Hi,Logon to your sensor to CLI. Run show users all to see your users. If there is one with a Privilege of Service, logoff and login again with that user account. If a service account does not exist (only one allowed), create one with the following:co...

Member Since	‎04-22-2005 10:58 AM
Date Last Visited	‎08-18-2017 03:53 AM
Posts	7

User Statistics

User Activity

Signature for non-protocol traffic on standard port

DNS Cache Poisoning Signature

RDEP Traffic Content

Unknown source in alert

Shuns in PIX from master blocking sensor

Re: Anyone come up with a custom sig for WMF Exploit?

Re: IDS 4235 upgrade problem