Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security ISSForum
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISSForum] SP Questions

from [Rob Barrett] Network Security [Permanent Link]
Subject: [ISSForum] SP Questions
Date: Wed, 22 Feb 2006 08:16:38 -0800 
I have a few items I have wanted to get some feedback on.

1) On server sensors and Proventi G appliaces I use Attacks and Audits
policy. I recieve a ton of info that is not really needed. Do you
folks use the audit features very often? I am considering getting rid
of a lot of them and just watching for attacks. I can see a use for
audits but not very often.

2) there area a some events I see in the sensor analysis but can not
find them in the policy to disable.  Email_Virus_Suspicious_Zip and
SMTP_Nondeliverable_Notification are a couple

3) How can I run a report for a single asset without having to put it
in its own group? I want to pull host assessment reports for single
machines during my certification process of the box. I have found the
reporting in the IS console much better than SP but not all our
analyst have access to an IS box to run the scans from.

Thanks in advance
Rob


_______________________________________________
ISSForum mailing list
ISSForum@iss.net

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to 
https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@iss.net

The ISSForum mailing list is hosted and managed by Internet Security Systems, 
6303 Barfield Road, Atlanta, Georgia, USA 30328.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISSForum] SP Questions, Rob Barrett <=
Previous by Date:  [ISSForum] [[SPAM]] Server Sensor on Solaris 10, Jason Baeder
Next by Date:  Re: [ISSForum] TCP_Port_Scan, b\.charon
Previous by Thread:  [ISSForum] [[SPAM]] Server Sensor on Solaris 10, Jason Baeder
Next by Thread:  Re: [ISSForum] TCP_Port_Scan, b\.charon
Indexes:  [Date] [Thread] [Top] [All Lists]