focus-ids December 2007 archive
Main Archive Page > Month Archives  > focus-ids archives
focus-ids: Recommended IPS signature set

Recommended IPS signature set

From: Ravi Chunduru <ravi.is.chunduru_at_nospam>
Date: Sat Dec 08 2007 - 16:16:59 GMT
To: focus-ids@securityfocus.com


i understand from several emails in this list is that UTM or IPS devices enable only subset of signatures for detection as well as blocking - it is being termed as 'sane IPS', 'out-of-box IPS' , recommended etc..

is there any criteria (standard or non-standard) used in categorizing signature as 'recommended'? is it based on CVE priority?

Thanks
Ravi



Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.