Hey TAG,I use Sygate free version.Could you explain what that is?Is this signature part of the pay version?
the Tester, I know it's in the Pro version. As far as Sygate Free I'm not sure. Do you have an update option for Signatures? If you do I beleave it would be in the Free version then.
Tag,thanks for explaining that to me.I did find that signature updates are available on the pro version only.Looks like a cool feature though.
Ok thats it i have to ask do we have infintrators trying to redirect traffic to xxxx is it cause there rep of treating newbys bad and calling them troll that they sent people here to recruit=0 i got some real horror storys about xxx ill go post it in tenford as not to interupt this firewall forum as for my qustion how would you compare Sygate free with za free what are the key difrences and how much is pro verstion xxx-out irrelevant part - Forum Admin
That page you are looking at from sygate is a breakdown they have availble on the scan engines and how they come into play today in detecting the various know exploits and vulnerabilites in a system. If you are intesrted in this field there is a good 4 part article I have posted below with the lead in to the study. I think you will find out this has nothing to do with the free sygate firewall..but rather their other products. Intrusion Detection Signatures - Last updated 8/1/2002 Type I = Signature based Intrusion Detection Engine Type II = Trojan Detection Engine Type III = Denial of Service Protection Engine http://soho.sygate.com/document/ids_signature.htm _______________________________________________ Network Intrusion Detection Signatures, Part One by Karen Kent Frederick last updated December 19, 2001 This is the first in a series of articles on understanding and developing signatures for network intrusion detection systems. In this article we will discuss the basics of network IDS signatures and then take a closer look at signatures that focus on IP, TCP, UDP and ICMP header values. Such signatures ignore packet payloads and instead look for certain header field values or combinations of values. By learning about network IDS signatures, you’ll have more knowledge of how intrusion detection systems operate, and you’ll have a better foundation to write your own IDS signatures. Signature Basics A network IDS signature is a pattern that we want to look for in traffic. In order to give you an idea of the variety of signatures, let’s quickly review some examples and some of the methods that can be used to identify each one: http://online.securityfocus.com/infocus/1524
This is another good article. ------------------------------------ The ABCs of IDSs (Intrusion Detection Systems) What Is an Intrusion Detection System? Intrusions fall into two major classes. Misuse intrusions are attacks on known weak points of a system. An IDS looks for this type of attack by comparing network traffic with signatures of known attacks. The second class, anomaly intrusions, consists of unknown attacks and other anomalous activity. This may include detection of an intruder who is already inside a network. Anomaly detection is hardly a plug-and-play function. It requires an intimate knowledge of one's network and patterns of user behavior, and an IDS with powerful scripting options. The basic function of an IDS is to record signs of intruders at work inside and to give alerts. Depending on the product, how it is deployed and its network configuration, an IDS may only scan for attacks coming from outside one's network or it may also monitor activities inside the network. Some also look for anomaly intrusions. This requires an IDS that can be extensively configured by the user to match the peculiarities of the network to be defended. When Susie the systems administrator is at work at 2 a.m., this may be her normal behavior. But when Artie the administrative assistant logs on to his workstation at 2 a.m., that is most likely an anomaly. An IDS that detects anomalies must be scripted to tell the difference between the two log-ons. http://messageq.ebizq.net/security/meinel_2.html Sygate Technologies www.sygate.com Sygate Personal Firewall Personal firewall IDS SC Magazine review: "Basic IDS capabilities plus a personal firewall rolled into a single package."