|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: [ISSForum] Need documents on tuning RealSecure
From: Jones, Jeff (Jeffrey.Jones
usfc.com)
Date: Thu Jun 05 2003 - 12:38:51 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I wouldn't mind seeing some myself, what I have done basically is gone thru
all my different zones, seeing via the firewalls, ISS Security Scans, what
ports are open and or vulnerable, and that's what I have set on my Sensor
Policies customized for each zone. Any Tron rules I have mostly set on the
Internet Facing sensors.
Jeff
-----Original Message-----
From: Mohamed HAMOUCH [mailto:Mohamed.Hamouchcgey.com]
Sent: Thursday, June 05, 2003 11:50 AM
To: issforumiss.net
Subject: [ISSForum] Need documents on tuning RealSecure
Hi All,
I'm looking for any document that explains how to tune Realsecure so that it
logs and/or display only the important attacks : some kind of "best
practices" on dealing with Realsecure Policy.
We're using "the behind firewall" policy which we edited to disable some
signatures but a great amount of events are still logged and displayed (
such as nimda, activex...). But scrolling thru all these events take plenty
of time and resources.
How to achieve this ?
Any help would be so appreciated.
Best Regards.
./Mohamed.
_______________________________________________
ISSForum mailing list
ISSForumiss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo
_______________________________________________
ISSForum mailing list
ISSForumiss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]