focus-ids December 2007 archive
Main Archive Page > Month Archives  > focus-ids archives
focus-ids: Recommended IPS signature set

Recommended IPS signature set

From: Ravi Chunduru <>
Date: Sat Dec 08 2007 - 16:16:59 GMT

i understand from several emails in this list is that UTM or IPS devices enable only subset of signatures for detection as well as blocking - it is being termed as 'sane IPS', 'out-of-box IPS' , recommended etc..

is there any criteria (standard or non-standard) used in categorizing signature as 'recommended'? is it based on CVE priority?


Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to to learn more.