[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [ISSForum] Need documents on tuning RealSecure



I wouldn't mind seeing some myself, what I have done basically is gone thru
all my different zones, seeing via the firewalls, ISS Security Scans, what
ports are open and or vulnerable, and that's what I have set on my Sensor
Policies customized for each zone. Any Tron rules I have mostly set on the
Internet Facing sensors.

Jeff

-----Original Message-----
From: Mohamed HAMOUCH [mailto:Mohamed.Hamouch@xxxxxxxx] 
Sent: Thursday, June 05, 2003 11:50 AM
To: issforum@xxxxxxx
Subject: [ISSForum] Need documents on tuning RealSecure


Hi All,

I'm looking for any document that explains how to tune Realsecure so that it
logs and/or display only the important attacks : some kind of "best
practices" on dealing with Realsecure Policy.

We're using "the behind firewall" policy which we edited to disable some
signatures but  a great amount of events are still logged and displayed  (
such as nimda, activex...). But scrolling thru all these events take plenty
of  time and resources.

How to achieve this ?

Any help would be so appreciated.

Best Regards.

./Mohamed.

_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo
_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo