Linksys, Netgear, sonicwall, ect. Webbase configurations for firewalls. Web filting traffic shaping.
1 post • Page 1 of 1
could anyone shed some light on what the signature discription available below are a subset are specifically - what does each check? is there a decoder ring somewhere? Signature IDSignature DescriptionDisabledDetect OnlyDetect and Prevent 1000076 SBIPS2009-000076 1000085 SBIPS2009-000085 1000086 SBIPS2009-000086 1000087 SBIPS2009-000087 1000120 SBIPS2009-000120 1000232 SBIPS2009-000232 1000233 SBIPS2009-000233 1000235 SBIPS2009-000235 1000236 SBIPS2009-000236 1000237 SBIPS2009-000237
I will take a swipe at this since their bascially a light version of other Cisco IPS signatures. Personally I take the easy Google search route, but you may be able to obtain an RSS feed to provide direct links. Example: Google SBIPS2009-000076 Returns: http://tools.cisco.com/security/center/ ... rtId=18181 As for the breakdown of the gory technical details, it will vary with each signature. I do know many agencies will allow the signatures to be on by default, but its all up to you. Troubleshooting a BAD IPS signature can be difficult, but I wouldn worry since a huge amount of testing goes into them. Basically they are SNORT signatures... Shhh, Cisco does not want you to look under the open source hood and build your own firewall. Does that help?
Hi, You can use the link below to check the Small Business IPS signature defnitions: http://tools.cisco.com/security/center/ ... 010-000215 Just replace the signature ID with the one you are insterested. Regards,Wei