Table of Contents
Advertisement
Creating Custom Signatures
c.
d. If you do not want to generate an event, select Suppress Alert.
8.
Click OK.
Network Layer Tab
This tab allows you to configure the extended signature to look for matches in IP header fields. A
good source of information about IP headers can be found at the following location:
http://www.networksorcery.com/enp/protocol/ip.htm
To configure the Network Layer properties:
1.
Click the Network Layer tab to display the network layer settings.
3-30 Creating Network Sensor Signatures
Select the desired Action:
-
define — When this signature matches, set the flow tag.
-
test-defined — Evaluate this signature if the flow tag has already been set.
-
test-not-defined — Evaluate this signature if the flow tag has not been set.
-
clear — If the flow tag has been set, clear it.
Advertisement
Table of Contents
Need help?
Do you have a question about the Intrusion Prevention System and is the answer not in the manual?