Difference between revisions of "Network based Intrusion Detection System"
From Atomicorp Wiki
(Created page with "ASL also includes a high speed network based intrusion prevent system. == Current Features == Blocks shellshock attacks Blocks heartbleed attacks Blocks DNS amplific...") |
m |
||
| Line 3: | Line 3: | ||
== Current Features == | == Current Features == | ||
| − | Blocks shellshock attacks | + | Blocks shellshock attacks on non-HTTP services (the WAF blocks shellshock attacks on HTTP services) |
Blocks heartbleed attacks | Blocks heartbleed attacks | ||
Latest revision as of 10:41, 9 July 2015
ASL also includes a high speed network based intrusion prevent system.
[edit] Current Features
Blocks shellshock attacks on non-HTTP services (the WAF blocks shellshock attacks on HTTP services)
Blocks heartbleed attacks
Blocks DNS amplification attacks
Blocks NTP amplification attacks
[edit] DNS amplification attacks
You can also define queries you want to block to DNS to help prevent DNS amplification attacks. Custom queries are defined in this file:
/etc/asl/firewall/custom-domains
The format for this file is:
domain,type
For example:
.,ANY
One entry per line.
