Security - Intrusion Prevention

Overview

Intrusion Prevention Information
Description: An advanced intrusion prevention system.
Package Name: cc-snortsam
Configuration Page: Network > Security > Intrusion Prevention
Keywords: SnortSam, Intrusion Prevention


The intrusion prevention system blocks suspected attackers from your system.

Services

New exploits are discovered every day. The intrusion detection software maintains and uses a list of 2000+ rules. You can receive automatic updates by subscribing to the Intrusion Detection Updates service.

Configuration

The Intrusion Prevention system displays a list of IP addresses that have been blocked due to inappropriate network traffic.

Description

SID

The SID corresponds to the Intrusion Detection ID that triggered the block. It is a hyperlink that you can follow to see more information about the specific conditions that were matched.

Blocked IP

This is the IP address that triggered the block. If this IP address should not be blocked, you can add it to a "don't block" list by clicking on Whitelist under Action.

Date / Time

The date/time fields show when the block occurred.

Time Remaining

The remaining block time is listed last. The IP address will be unblocked when this reaches 0.

Action

A blocked host can be added to a Whitelist so it will not be blocked in the future. You can also remove a blocked host using Delete.

Whitelist

If there are IP addresses in your Whitelist, they will be listed below the Active Block List. You can delete an entry by choosing Delete under Action.

Troubleshooting

If the snortsam software takes a long time to start up on your system, make sure the DNS servers configured for your ClarkConnect system are working properly.

Retrieved from "http://www.clarkconnect.com/docs/Security_-_Intrusion_Prevention"

This page was last modified on 7 August 2007, at 20:51.