IDS – Page 14 – WindowsTechs.com

Diagram illustration of an IDS

Posted on November 13, 2018 by Brayo

This is a scenario based question.

A large corporation has hired you to develop an IDS
infrastructure for their network.
The organization has five subnets: Marketing, Research, Development,
Sales and IT. The subnets are furt… Continue reading Diagram illustration of an IDS→

Xfinity Router, wanting to set netflow and IDS

Posted on November 9, 2018 by Michael

Currently the router/modem provides the wifi and ethernet. I have no way of sshing into it and I am not sure if it even support port mirroring.

Is there a good wifi router that I can setup after the xfinity router and have a… Continue reading Xfinity Router, wanting to set netflow and IDS→

Gov worker visits 9k porn sites without protection, spreads infection

Posted on October 30, 2018 by Lisa Vaas

A now very “ex”-government employee provides a teachable moment. Continue reading Gov worker visits 9k porn sites without protection, spreads infection→

Should I block IP adresses that made attacks attempts and were block from an IPS through the rules?

Posted on October 24, 2018 by v.boucher

We have an NIPS blocking attacks based on bad behaviors (rules checking the data in the network packets). Should I block the IP that the NIPS linked to attack attempts? It feels like the NIPS is already blocking the attack.

… Continue reading Should I block IP adresses that made attacks attempts and were block from an IPS through the rules?→

Lightweight and Real-Time Detection Algorithm [on hold]

Posted on October 16, 2018 by user3385496

I am looking for a lightweight and real-time algorithm to detect normal behavior (not abnormal, I am not talking about anomaly detection) according to pre-defined parameters. It is also acceptable if the algorithm can learn t… Continue reading Lightweight and Real-Time Detection Algorithm [on hold]→

Why would IPS vendor provider refuse to publish SLAs to fix the published highly ranked CVEs?

Posted on October 14, 2018 by Filopn

One of the biggest IPS providers (top of Gartner graph for its category) is not providing SLAs for all the 7+ ranking CVEs published last year. I don’t really understand why would they refuse to provide SLAs for the published… Continue reading Why would IPS vendor provider refuse to publish SLAs to fix the published highly ranked CVEs?→

Problem installing security onion on virtual box [on hold]

Posted on October 9, 2018 by Ahmed Ghrib

I am not familiar with Virtual box, so please bear with me.

I have downloaded securityOnion.ISO and I have configured it on my virtual box. The problem is that when I start the virtual machine, instead of having this list … Continue reading Problem installing security onion on virtual box [on hold]→

Penetration testing or Malware analysis?

Posted on October 7, 2018 by Mahmoud Elgindy

My M.Sc research is about developing IDS for IOT.
I’m confused about which field should learn more about; penetration testing or malware analysis.

I have some knowledge about each one but for IDS, which is working with malwa… Continue reading Penetration testing or Malware analysis?→

How likely is it to see a commercial IDS/IPS that uses machine learning in the near future that performs better than a normal IDS/IPS? [on hold]

Posted on September 29, 2018 by AlenT

I have to choose a field to study on and I want to know does it worth studying in this field and will the future IDS/IPS systems be using machine-learning/deep-learning or at least how likely is it?

i heard that some compan… Continue reading How likely is it to see a commercial IDS/IPS that uses machine learning in the near future that performs better than a normal IDS/IPS? [on hold]→

IDS and IPS placement in network? [duplicate]

Posted on September 28, 2018 by Sun-IT

This question already has an answer here:

Snort Sensor Placement

2 answers

What is the good practice for the placement of… Continue reading IDS and IPS placement in network? [duplicate]→