IDS mailing list archives
TCP Hijacks - False Positives
From: jono29 () gmail com
Date: 17 Sep 2005 11:56:59 -0000
Can anyone please tell me some of the causes of false positives on the Cisco 4250 IDS sensors. The obvious signs that I know of are idle telnet sessions and tcp connections that have remained open for a long period of time. Any more help would be much appreciated. Thanks in advance ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- TCP Hijacks - False Positives jono29 (Sep 19)