On Fri, Oct 8, 2010 at 10:59 AM, Mohd Harpizi Anuar <[email protected]> wrote:

> IDS detect this alert but nothing wrong with related server....I just want
> to know is it because this server or application on this server have
> misconfiguration such as programming or server setting that can be possibility
> cause this alert.
>

That's why we need to calibrate the IDS. Initially the IDS needs to run in test
mode, and you monitor the alerts it produces and justify which ones are true or
false positives so you can disable the alert. False positive alarms WILL be
raised no matter how secure your network is, because of web applications or
non-standard communication protocols. If you want to see what I mean, set up
a standard snort gateway and open www.bharian.com.my within your client and
snort will warn you that bharian is trying to hijack your connection, and
this is an example of a false positive alert.

Post Script: IDS is not a plug and play system




> Faizul <fai...@mysecurity.my> wrote on 08/10/2010 10:54
> To: "Open Web Application Security Project (OWASP) Malaysia Local Chapter" <[email protected]>
> Subject: Re: [Owasp-Malaysia] Email Scam In Malay
>
> Can you explain where the mistake is?
>
> On Fri, Oct 8, 2010 at 10:13 AM, Hasanuddin Abu Bakar <
> [email protected]> wrote:
>  On Fri, Oct 8, 2010 at 9:57 AM, Mohd Harpizi Anuar <[email protected]>
>  wrote:
>   Hi... Greetings, nice to meet you.....
>    I'm a beginner who is still learning... is there anyone who can give info about
>    TCP Hijack false positive alerts... and what causes them
>   Thanks
>
>  A false positive alert means a wrong/mistaken warning.
>
>
>
>
>
>   The information in this e-mail and any attachment(s) here to is only for
>   the use of the intended recipient and may be confidential or privileged.
>   If you are not the intended recipient, any use of, reliance on,
>   reference to, disclosure of, alteration to or copying of the information
>   for any purpose is prohibited. Any information not related to BNM's
>   official business is solely the author's and does not necessarily
>   represent BNM's view and is not necessarily endorsed by BNM. BNM shall
>   not be liable for loss or damage caused by viruses transmitted by this
>   e-mail or its attachments. BNM is not responsible for any unauthorised
>   changes made to the information or for the effect of such changes.
>
>   _______________________________________________
>   Owasp-Malaysia mailing list
>   [email protected]
>   https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
>   OWASP Malaysia Wiki
>   http://www.owasp.org/index.php/Malaysia
>
>   OWASP Malaysia Wiki Facebook
>   http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
>  --
>  Hasanuddin Abu Bakar
>  GSEC #28858
>  IT Security Engineer
>  +6017 913 1983
>
>  Sigma Rectrix Systems (M) Sdn Bhd
>  No.15 & 15-1, Jalan Equine 9A,
>  Equine Park, Bandar Putra Permai
>  43300 Seri Kembangan Selangor
>  URL             : www.sigmarectrix.com
>
>  Phone        : 03-89486696
>  Fax              : 03-89487796
>  Helpdesk  : 03-89486596
>
>
> --
> 73 de 9W2PJU
>
> http://9w2pju.hamradio.my
>



-- 
Hasanuddin Abu Bakar
GSEC #28858
IT Security Engineer
+6017 913 1983

Sigma Rectrix Systems (M) Sdn Bhd
No.15 & 15-1, Jalan Equine 9A,
Equine Park, Bandar Putra Permai
43300 Seri Kembangan Selangor
URL             : www.sigmarectrix.com

Phone        : 03-89486696
Fax              : 03-89487796
Helpdesk  : 03-89486596
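
The calibration step described in the reply above (run Snort in test mode, review the alerts, then silence the ones confirmed as false positives) can be sketched as follows. This is an added example, not part of the original message: the alert lines, SIDs, messages and addresses are constructed, and scoping the suppression to the reviewed source IP instead of disabling the rule everywhere is an assumption of this sketch.

```python
import re
from collections import defaultdict

# Constructed sample of Snort "fast" alert lines from a test-mode run.
# SIDs, messages and addresses are made up for illustration.
SAMPLE_ALERTS = """\
10/08-10:41:07.120001  [**] [1:1000001:1] EXAMPLE possible TCP session hijack [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.0.113.5:80 -> 192.168.1.10:49152
10/08-10:41:09.530114  [**] [1:1000001:1] EXAMPLE possible TCP session hijack [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.0.113.5:80 -> 192.168.1.11:50210
10/08-10:42:30.000871  [**] [1:1000001:1] EXAMPLE possible TCP session hijack [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 198.51.100.9:80 -> 192.168.1.10:49177
10/08-10:43:02.771320  [**] [1:1000002:3] EXAMPLE SQL injection attempt [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 198.51.100.77:40022 -> 192.168.1.20:80
"""

ALERT_RE = re.compile(
    r"\[\*\*\] \[(?P<gid>\d+):(?P<sid>\d+):\d+\] (?P<msg>.+?) \[\*\*\].*"
    r"\{(?P<proto>\w+)\} (?P<src>[\d.]+)(?::\d+)? -> (?P<dst>[\d.]+)(?::\d+)?"
)

def summarize(log_text):
    """Group alerts by (gid, sid): message, hit count and distinct source IPs."""
    stats = defaultdict(lambda: {"msg": "", "count": 0, "sources": set()})
    for line in log_text.splitlines():
        m = ALERT_RE.search(line)
        if not m:
            continue  # not an alert line
        entry = stats[(int(m["gid"]), int(m["sid"]))]
        entry["msg"] = m["msg"]
        entry["count"] += 1
        entry["sources"].add(m["src"])
    return dict(stats)

def suppress_lines(stats, reviewed_fp):
    """Emit threshold.conf suppress entries for analyst-confirmed false positives.

    reviewed_fp maps (gid, sid) -> set of source IPs the analyst verified as
    benign. Only those sources are suppressed; the rule still fires for others.
    """
    out = []
    for (gid, sid), benign in sorted(reviewed_fp.items()):
        seen = stats.get((gid, sid), {}).get("sources", set())
        for ip in sorted(benign & seen):  # ignore IPs that never triggered it
            out.append(f"suppress gen_id {gid}, sig_id {sid}, track by_src, ip {ip}")
    return out

if __name__ == "__main__":
    stats = summarize(SAMPLE_ALERTS)
    for key, e in sorted(stats.items()):
        print(key, e["count"], e["msg"], sorted(e["sources"]))
    print("\n".join(suppress_lines(stats, {(1, 1000001): {"203.0.113.5"}})))
```

The second source that triggered the same rule (198.51.100.9) was not reviewed, so it keeps alerting until someone has looked at it.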