Hey, I was wondering if there was a way to e-mail me a failed attack based on an source IP address range using fusion. For instance, I really don't care if people from the outside are hitting me with worms, but if I detect another office trying to hit me on a specified IP address range, then I would like to know about that. Or if any Internal Workstations are hitting me with Worms, that would be helpful to know about as well.
What can I do in this situation. I am running Server Sensors and a Proventia G200 that is used to Monitor the VPN Traffic. Any help is greatly appreciated. Thanks, Bob _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
