Network based Intrusion Detection System

From Atomicorp Wiki
Revision as of 11:39, 9 July 2015 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

ASL also includes a high speed network based intrusion prevent system.

Current Features

Blocks shellshock attacks

Blocks heartbleed attacks

Blocks DNS amplification attacks

Blocks NTP amplification attacks

DNS amplification attacks

You can also define queries you want to block to DNS to help prevent DNS amplification attacks. Custom queries are defined in this file:

/etc/asl/firewall/custom-domains

The format for this file is:

domain,type

For example:

.,ANY

One entry per line.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=Network_based_Intrusion_Detection_System&oldid=5488"
Personal tools