On Jul 17, 2017, at 14:14, Russ Housley <hous...@vigilsec.com> wrote:

I think that the IDS is trying to detect an infected server trying to 
migrate to another server.  Malware often includes a series of exploits that 
are tried in sequence to infect a neighbor, and this activity provides a 
detectable signature.

Correct. And not just between servers.

-----------------------------------
Roland Dobbins <rdobb...@arbor.net>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
