Re: Suggestion for IDS

[Paul Schmehl <pauls () utdallas edu>]

--On Wednesday, September 28, 2005 09:48:36 -0700 Kevin Pawloski 
<kpawloski () gmail com> wrote:

> Does the Tipping Point appliance allow you to create custom rules now?

Yes, for some definition of "rules".  For example, you can block individual 
host/port combos or ports or hosts, that sort of thing.  But if you're 
referring to rules like snort rules, which allow you to get really 
granular, not that I'm aware of.  Of course, I'm not TP CLI guru either. 
It has a cisco-like cli that might allow you to do a great deal more than 
what we've been doing through the mgmt console.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/