|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Thomas H. Ptacek (tqbf_at_pobox.com)
Date: Tue Feb 04 2003 - 11:57:42 CST
On 1/31/03 1:22 PM, "Chris Travers" <chris
travelamericas.com> wrote:
> An IDS could have hooks into a routers filtering tables in order to
> temporarily ban that IP address. This has the advantage of the RST in
> that all inbound traffic from the attacker would be stopped, but would
ACL countermeasures are generally avoided because it is hard to make them
fail safely. It is not easy to push soft-state ACLs to Cisco and Juniper
routers; the risk that the IDS could get desynchronized from the filter is
large.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]