Table of Contents
Advertisement
Configuring Intrusion Detection and Prevention Devices Guide
Table 38: Custom Attack Dialog Box: Extended Tab Settings
Setting
Primary URL
Secondary URL
Tertiary URL
CVE
Bugtraq
Impact
Description
Tech Info
Patches
Table 39: Attack Object Types
Type
Signature
68
On the Extended tab, using Table 38 on page 68. Configure additional attack details.
5.
Description
Enter up to three URLs (primary, secondary, tertiary) for external references you used when
researching the attack.
Common Vulnerabilities and Exposures (CVE) is a standardized list of vulnerabilities and other
information security exposures. The CVE number is an alphanumeric code, such as CVE-2209
A moderated mailing list that discusses and announces computer security vulnerabilities. The
BugTraq ID number is a three-digit code, such as 831 or 120.
Enter details about the impact of a successful attack, including information on system crashes and
access granted to the attacker.
Enter a description of the custom attacks.
Enter details on the vulnerability, the commands used to execute the attack, which files are attacked,
registry edits, and other low-level information.
List any patches available from the product vendor, as well as information on how to prevent the
attack.
Return to the General tab.
6.
Under Attack Versions, click the + icon to display the New Attack wizard.
7.
On the Target Platform and Type page, select a device platform (IDP 4.0, for
8.
example) and attack type.
Table 39 on page 68 summarizes attack types and provides references to the next
steps required to implement the technical configuration of the attack objects for
each type.
Description
Uses a stateful attack signature (a pattern that always exists within a specific section of the attack)
to detect known attacks.
Stateful signature attack objects also include the protocol or service used to perpetrate the attack
and the context in which the attack occurs.
If you know the exact attack signature, the protocol, and the attack context used for a known attack,
select this option.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1