Alert

From Computing and Software Wiki

Jump to: navigation, search

Alternation(1):

- warning at least

- or some action taken against the IP that is attacking you.


Alternation(2)

Symantec Host IDS provides real-time monitoring, detection, and prevention of security breaches, delivering automated policy enforcement and incident response for servers, applications, and data. As a complement to firewalls and other access controls, it enables administrators to develop proactive policies to stop hackers or authorized users with malicious intent from misusing systems. New process management capabilities combine multiple intrusion prevention technology functions, including process reporting, monitoring, and blocking. Process Reporter provides access to granular process data so administrators can make rapid, informed decisions regarding server security. Process Monitor allows administrators to define a wide variety of security configurations to provide a fault-tolerant, secure environment. Process Blocker allows administrators to restrict server capabilities through defined policies to prevent malicious activity. These technologies provide an efficient and non-intrusive intrusion protection solution to stop threats such as buffer overflow attacks.

- real time:

best effort.

Data from the network layer.

Drop all the packets from a specific IP: so netfilter for that maybe dangerous. 'cause the pirate may have faked one of your internal IPs and then you are actually cutting of one of your local network connections.

- run time:

Personal tools