• Advertise
• Search
• Free Magazines
• Newest Links
• Categories
• Register
• Login

Black ICE 2.5 Events, False Positives and Custom Attack Signatures

Added by Papergrl

Description: The major challenge for administrators of Intrusion Detection Systems is distinguishing between events that are genuine malicious activity and those that are false positives. This paper aims to help BlackICE IDS administrators by identifying and classifying some events frequently seen by IDS agents in two common deployments - on a DMZ web server and on systems within an internal (mainly Microsoft) network.