The major challenge for administrators of Intrusion Detection Systems is distinguishing between events that are genuine malicious activity and those that are false positives. This paper aims to help BlackICE IDS administrators by identifying and classifying some events frequently seen by IDS agents in two common deployments – on a DMZ web server and on systems within an internal (mainly Microsoft) network.