Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Arkusz Danych Strona 65
- Strona / 168
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
642 -531
Leading the way in IT testing and certification tools, www.testking.com
- 65 -
The sensor compares the list of signatures with network activity. When a match is found, the
sensor takes an action, such as logging the event or sending an alarm to IDS Event Viewer.
Sensors allow you to modify existing signatures and define new ones.
Signature-based intrusion detection can produce false positives because certain normal
network activity can be misinterpreted as malicious activity. For example, some network
applications or operating systems may send out numerous ICMP messages, which a signature-
based detection system might interpret as an attempt by an attacker to map out a network
segment. You can minimize false positives by tuning your sensors.
To configure a sensor to monitor network traffic for a particular signature, you must enable
the signature. By default, the most critical signatures are enabled when you install IDS Device
Manager. When an attack is detected that matches an enabled signature, the sensor generates
an alert event (formerly known as an alarm), which is stored in the sensor’s event store. The
alert events, as well as other events, may be retrieved from the event store by web-based
clients. By default the sensor logs all Informational alarms or higher. If you have added IDS
Event Viewer as a destination, the alarm is sent to the IDS Event Viewer database and you
can view the alarm in IDS Event Viewer.
Configuring IP Logging
You can configure a sensor to generate an IP session log when the sensor detects an attack.
When IP logging is configured as a response action for a signature and the signature is
triggered, all packets to and from the source address of the alarm are logged for a specified
period of time. You can set the number of minutes events are logged.
Reference:
Installing and Using the Cisco Intrusion Detection System Device Manager and Event
Viewer Version 4.1
Cisco Courseware 12-18
- Table of contents 3
- Cisco Courseware 13-6 6
- Cisco Courseware 3-6 7
- Cisco Courseware 2-46 7
- Cisco Courseware 3-11 10
- Cisco Courseware 3-27 13
- Cisco Courseware 3-24 14
- Cisco Courseware 4-12 (PIX) 16
- Cisco Courseware 4-11 (IOS) 16
- Cisco Courseware 10-4 20
- Cisco Courseware 8-4 21
- Cisco Courseware 10-5 22
- Cisco Courseware 8-13 23
- Cisco Courseware 5-56 24
- Cisco Courseware 5-25 24
- Cisco Courseware 5-20 27
- Cisco Courseware 5-48 28
- Catalyst 2900XL / 3500XL 29
- Cisco Courseware 5-14 29
- Cisco Courseware 5-18 31
- Cisco Courseware 5-38 32
- Cisco Courseware 5-45, 5-48 32
- Cisco Courseware 5-16 33
- Cisco Courseware 9-37 41
- Cisco Courseware 9-40 42
- Cisco Courseware 6-8 49
- Cisco Courseware 7-22, 7-23 50
- Cisco Courseware 7-26 52
- Cisco Courseware 9-14 53
- Cisco Courseware 9-12 53
- Creating the Service Account 56
- Cisco Courseware 9-23 57
- Cisco Courseware 9-24 57
- Cisco Courseware 9-31 58
- Cisco Courseware 12-19 59
- Cisco Courseware 12-12 62
- Cisco Courseware 12-12: 63
- Cisco Courseware 12-18 65
- Cisco Courseware 14-33 66
- Cisco Courseware 13-10 68
- Cisco Courseware 14-7 68
- Cisco Courseware 13-62 72
- (7 questions) 73
- Cisco Courseware 15-10 74
- Cisco Courseware 15-3 74
- Cisco Courseware 5-46 76
- IDS device (2 questions) 79
- Cisco Courseware B-11 80
- Cisco Courseware 15-32 82
- Cisco Courseware 15-29 82
- Cisco Courseware 13-61 84
- Cisco Courseware 13-41 85
- Cisco Courseware 13-14 88
- Cisco Courseware 13-33 88
- Cisco Courseware 13-34 89
- Cisco Courseware 13-73 90
- Cisco Courseware 14-30 91
- Cisco Courseware 13-16 92
- Cisco Courseware 13-18 94
- Cisco Courseware 14-37 95
- (15 questions) 99
- Cisco Courseware 17-5 100
- Cisco Courseware 17-6 100
- Cisco Courseware 17-3 102
- Appliance 105
- Cisco Courseware 17-4 105
- : …what about 4220? 106
- Cisco Courseware 17-17 106
- IDS (8 questions) 107
- Cisco Courseware 6-7 109
- Cisco Courseware 6-4 112
- Cisco Courseware 6-3 114
- Cisco Courseware 17-8 116
- Cisco Courseware 10-8 117
- Cisco Courseware 10-13 118
- Cisco Courseware 10-46 123
- Cisco Courseware 11-12 125
- Cisco Courseware Lab 11-4 128
- Cisco Courseware 12-3 129
- Cisco Courseware 12-6 129
- Cisco Courseware 12-15 131
- (2 questions) 134
- Cisco Courseware 16-34 135
- Cisco Courseware 16-27 136
- Cisco Courseware 16-33 138
- Cisco Courseware 16-41 139
- Cisco Courseware 16-23: 141
- Cisco Courseware 16-14 143
- Cisco Courseware 16-63 143
Powiązane produkty i podręczniki dla Networking Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor
Networking Cisco WRT54GP2 Podręcznik Użytkownika
(94 strony)
(94 strony)
Networking Cisco Spam Podręcznik Użytkownika
(20 strony)
(20 strony)
Networking Cisco EPC2607 Instrukcja Użytkownika
(28 strony)
(28 strony)
Networking Cisco 12810 Dokumentacja
(30 strony)
(30 strony)
Networking Cisco WRVS4400N - Small Business Wireless-N Gigabit Security Router Podręcznik Użytkownika
(180 strony)
(180 strony)
Networking Cisco EA-Series Podręcznik Użytkownika
(144 strony)
(144 strony)
Networking Cisco 888E Instrukcja Użytkownika
(18 strony)
(18 strony)
Networking Cisco DPC2203 Instrukcje Operacyjne
(98 strony)
(98 strony)
Networking Cisco 12016 Dokumentacja
(36 strony)
(36 strony)
Networking Cisco DPC2203 Podręcznik Użytkownika
(58 strony)
(58 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.045 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji