RSKill is only effective against tcp attacks.
sql_slammaer is a udp attack you cannot use rskill
against it. You can block udp attacks using realsecure
server sensor or proventia G series.
Nagaraj
--- priyank@tatatechnologies.com wrote:
Dear All,
I have recently installed A201
Provetia in our organization
and have defined some basic policies.When defining
policy there is an option
"RSKILL", does this option
kill TCP connection.There is continous logging of
SQL_SLAMMER_WORM,because
of this my log file is getting full,can i set it to
"RSKILL" option.Any
help would be appreciated
Thanking You All In Anticipation.
Regards
Priyank Gaddala
Technical Consultant - Sytems Integration and
Support
Tata Technologies Ltd
****************************************************************************************************
Email Disclaimer:
Information contained and transmitted by this e-mail
is confidential,proprietary, and legally privileged
data of Tata Technologies that is intended for use
only by the addressee.If you are not the intended
recipient, you are notified that any dissemination,
distribution, or copying of this e-mail is strictly
prohibited.You are requested to delete this e-mail
immediately and notify the originator.Any views
expressed by an individual do not necessarily
reflect the view of Tata Technologies.While this
e-mail has been checked for all known viruses, the
addressee should also scan for viruses.Internet
communications cannot be guaranteed to be timely,
secure, error or virus-free as information could be
intercepted, corrupted, lost, destroyed, arrive late
or incomplete.Tata Technologies does not accept
liability for any errors or omissions.To know more
about Tata Technologiesplease visit
http://www.tatatechnologies.com
***************************************************************************************************
_______________________________________________
ISSForum mailing list
ISSForum@iss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to
mod-issforum@iss.net
The ISSForum mailing list is hosted and managed by
Internet Security Systems, 6303 Barfield Road,
Atlanta, Georgia, USA 30328.
__________________________________
Do you Yahoo!?
Check out the new Yahoo! Front Page.
www.yahoo.com
_______________________________________________
ISSForum mailing list
ISSForum@iss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to mod-issforum@iss.net
The ISSForum mailing list is hosted and managed by Internet Security Systems,
6303 Barfield Road, Atlanta, Georgia, USA 30328.
