http://ciscoarticles.com/rss/rss.php en-us Copyright 2010, rhifat@gmail.com rhifat@gmail.com Cisco Articles http://ciscoarticles.com/rss/rss.php Collection hourly 4 1901-01-01T00:00+00:00 http://ciscoarticles.com/CCSP-Cisco-Certified-Security-Professional/Signature-Severity.html <a name="1949" /><a name="wbp30ch26P91" /> The <i class="emphasis">signature severity</i> represents the probability that the matched signature represents a real and immediate security threat to your systems and network. Each signature has a default severity assigned to it by Cisco security engineers and these default severities are normally adequate for most network ... en-us Signature Severity http://ciscoarticles.com/rss/article_view.php?articleId=4343 Copyright 2010, 2010-03-10T00:00:00+00:00 text http://ciscoarticles.com/CCSP-Cisco-Certified-Security-Professional/Signature-Types.html <a name="1946" /><a name="wbp30ch26P72" /> The <i class="emphasis">signature types</i> describe the type of network traffic the signature is used to match. Some signatures detect intrusions by examining the TCP connection requests or UDP connections. Other signature types examine the protocol information in the IP headers or the protocol-dependant application commands located ... en-us Signature Types http://ciscoarticles.com/rss/article_view.php?articleId=4342 Copyright 2010, 2010-03-10T00:00:00+00:00 text http://ciscoarticles.com/CCSP-Cisco-Certified-Security-Professional/Signature-Classes.html <a name="1944" /><a name="wbp30ch26P57" /> CIDS signatures fall into four classes. Signatures belong to one of the four classes, based on the type of attack the signature was designed to detect. As discussed in <a target="_parent" href="LiB0184.html#1713" class="chapterjump">Chapter 23</a>, there are three types of attacks: Reconnaissance, Access, and Denial of Service ... en-us Signature Classes http://ciscoarticles.com/rss/article_view.php?articleId=4341 Copyright 2010, 2010-03-10T00:00:00+00:00 text http://ciscoarticles.com/CCSP-Cisco-Certified-Security-Professional/Signature-Implementations.html <a name="1939" /><a name="wbp30ch26P40" /> The signature implementations of CIDS signatures come in two types: every signature is either context based or content based. Each of these two types of signature implementations describes which part of the TCP/IP packet is examined.<a name="1940" /><a name="IDX-925" /> Context-Based Signatures <i class="emphasis">Context-based signatures </i>are triggered ... en-us Signature Implementations http://ciscoarticles.com/rss/article_view.php?articleId=4340 Copyright 2010, 2010-03-10T00:00:00+00:00 text http://ciscoarticles.com/CCSP-Cisco-Certified-Security-Professional/Signature-Series.html <a name="1936" /><a name="wbp30ch26P11" /> CIDS organizes all the signatures into a series. When an alarm is sent, the signature that generated the alarm is also sent. The Event Viewer displays not only the alarm, but also the signature ID. While recognizing every signature ID that could generate an alarm would ... en-us Signature Series http://ciscoarticles.com/rss/article_view.php?articleId=4339 Copyright 2010, 2010-03-10T00:00:00+00:00 text