O'Reilly logo

Network Security Principles and Practices by Saadat Malik

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Responses to Intrusions

This section talks about the mechanisms that the sensor has at its disposal when confronted by an attack. The sensor has the ability to react as opposed to simply logging and passing on the information to the management console. The sensor can respond to a detected signature in the following ways:

  • No action

  • Shun

  • Log

  • Shun and log

  • TCP reset

  • TCP reset and shun

  • TCP reset and log

  • TCP reset, shun, and log

The sensors can be configured to respond to various types of alarms using any one of the mechanisms listed here. For example, a sensor can be set up to respond to level 4 alarms with a TCP reset and log and to level 5 alarms with a TCP reset, shun, and log (a stricter response).

NOTE

Although IOS routers, PIX Firewalls, and the IDSM ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required