by sqren
2041 days ago
To learn about Intrusion Detection Systems (IDS) I found Unifi's documentation quite helpful. It's specific for their product but most of it is applicable elsewhere.

https://help.ui.com/hc/en-us/articles/360006893234-UniFi-USG...

> What are some common rules that get applied?

This is specifically answered under "Categories and Their Definitions":

> Compromised: This is a list of known compromised hosts, confirmed and updated daily as well.

> Scan: Things to detect reconnaissance and probing. Nessus, Nikto, portscanning, etc. Early warning stuff.

> SpamHaus: This ruleset takes a daily list of known spammers and spam networks as researched by Spamhaus.

> Web Apps: Rules for very specific web applications.