SnapGear 1.7.8 Manuel D’Utilisation
Intrusion detection and blocking
The following figure shows the Intrusion Detection and Blocking (IDB) configuration:
Figure 6.6 Intrusion detection and blocking configuration
IDB operates by offering a number of services to the outside world that are monitored for
connection attempts. Remote machines attempting to connect to these services generate
a system log entry providing details of the access attempt, and the access attempt is
denied.
connection attempts. Remote machines attempting to connect to these services generate
a system log entry providing details of the access attempt, and the access attempt is
denied.
Because network scans often occur before an attempt to compromise a host, you can
also deny all access from hosts that have attempted to scan monitored ports. To enable
this facility, select one or both of the block options and these hosts are automatically
blocked once detected.
also deny all access from hosts that have attempted to scan monitored ports. To enable
this facility, select one or both of the block options and these hosts are automatically
blocked once detected.
Firewall
64