I am using e-trust Intrusion Detection and I have everything pretty well locked down tight. But in the alerts in Intrusion detection, there is always alerts about http intrusion scans...
Http generic intrusion scan
Http jrun common intrusions
Checkpoint firewall-1 remote resource overload
Http double slash access control circumvention
Mail-Relay
Http server-side intrusions
Http Cold-Fusion intrusions/scans
It then lists the ip of the attacker and most of the http intrusion alerts are from websites I have recently visited. The rules in IDS will not allow me to block this. Is there anything else I could do to stop this stuff??? Besides blocking ip's at the router?
Http generic intrusion scan
Http jrun common intrusions
Checkpoint firewall-1 remote resource overload
Http double slash access control circumvention
Mail-Relay
Http server-side intrusions
Http Cold-Fusion intrusions/scans
It then lists the ip of the attacker and most of the http intrusion alerts are from websites I have recently visited. The rules in IDS will not allow me to block this. Is there anything else I could do to stop this stuff??? Besides blocking ip's at the router?