Segurança Em Redes De Comunicações

Redes E Sistemas Autónomos Comunicações Móveis Segurança Em Redes De Comunicações Sistemas Operativos E De Tempo-real

Segurança Em Redes De Comunicações
Corporate Networks Topics
Introduction to Network Security
Network Access Control
Network Flow Control
Secure Communications
Remote Access
Intrusion Detection and Prevention
Network Monitoring SIEM

Powered by GitBook

On this page

IDS
IPS
IDS/IPS Actions
Suricata
Snort

Network Deployment

PreviousSignature vs. Anomaly Based NextCore and End-to-End Monitoring

Last updated 1 year ago

IDS

Network tap.
Reports to the network management system.

IPS

IDS/IPS Actions

Suricata

alert - generate an alert.
pass - stop further inspection of the packet.
drop - drop the packet and the generated alert.
reject - send RST/ICMP unreachable error to the sender of the matching packet.
rejectsrc - same as just reject.
rejectdst - send RST/ICMP error packet to the receiver of the matching packet.
rejectboth - send RST/ICMP error packets to both sides of the conversation.

Snort

alert - generate an alert using the selected alert method, and then log the packet.
log - log the packet.
pass - ignore the packet.
drop - block and log the packet.
reject - block the packet, log it, and then send a TCP reset if the protocol is TCP or an ICMP port unreachable message if the protocol is UDP.
sdrop - block the packet but do not log it.