Re: IDS responses

["Raffael Marty" <raffy () raffy ch>]

> Can anyone explain or direct me to an explanation of the SNMP Trap's
> use in active responses of intrusion detection systems?

See answer below

> SNMP Trap; Reconfigure network devices?

SNMP Traps can be used on a sensor to send asynchronous messages to a
console. These messages are not sent to network devices. The console on its
end might then reconfigure the network device (probably via SNMP again, but
not TRAPS, but an SNMP SET). I think this is all the magic that is behind
this.

> As seen above the SNMP Trap explanation is not satisafctory. I have
> tried to read several RFCs

What did you expect to find in the RFCs???

Regards

    Raffy