EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Monday 23 December 2024, 07:55:27 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
CLICK HERE
for the The official Endian Roadmap and Issue tracker
14262
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
General Support
Instrusion Prevention - where to look? (MOVED too Whislist)
0 Members and 4 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Instrusion Prevention - where to look? (MOVED too Whislist) (Read 12645 times)
mrt
Full Member
Offline
Posts: 23
Instrusion Prevention - where to look? (MOVED too Whislist)
«
on:
Wednesday 21 April 2010, 04:07:19 am »
Hi,
Endian 2.3 have both Intrusion Detection (IDS) and Intrusion Prevention (IPS) and I could see all the detection in log.
Both there is one thing I missing from my "old" Clarconnect/ClearFondadion.
Where can I see what have been blocked and for how long time is it blocked?
My older system had one IPS function where I could see which IP that had been block, for what reason and block for 24 hour. I could also "unblock" it if it was a false rule/positive
Do Endian 2.3 have the same ?
Regards
Logged
vlongjvc
Full Member
Offline
Posts: 27
Re: Instrusion Prevention - where to look?
«
Reply #1 on:
Wednesday 21 April 2010, 12:40:48 pm »
You can request this function in "EFW Wishlist". I see that this feature is very useful. Thanks.
Logged
mrt
Full Member
Offline
Posts: 23
Re: Instrusion Prevention - where to look?
«
Reply #2 on:
Wednesday 21 April 2010, 04:10:29 pm »
Done
Logged
xxxx
Jr. Member
Offline
Posts: 9
Re: Instrusion Prevention - where to look? (MOVED too Whislist)
«
Reply #3 on:
Sunday 02 May 2010, 11:40:03 am »
This function is not very usefull because the Endian uses Snort inline this drop the bad pakets in the connection in real time not like the most Ips configs where snort detects and Guardian write the Ip to iptables drop list.The Ids/Ips from the endian is so more powerfull like the Ids from the most other Firewall Distributionen.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.094 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com