* New Microsoft Forefront UAG - Authentication failures, brute force and illegal URL outside policy rules.

* New Microsoft UAG-GeoIP rules added - Successful logins from outside $HOME_COUNTRY

* Modication of cisco-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* Modification of the fatpipe-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* Modification of the forginet-geoip.rules classtype from "succesful-user" to "suspicious-traffic"

* Modification of the juniper-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* Modification of the openssh-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* Modification of the proftpd-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* Modification of the riverbed-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* Modification of the ssh-tectia-server-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* Modification of the windows-geoip.rules classtype from "successful-user" to "suspicious-traffic"

* New Juniper VPN rules for authentication failures.

* New Juniper VPN GeoIP rules . Check for successful logins from outside $HOME_COUNTRY

-- ChampClark - 2014-04-17

Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r2 - 2014-04-17 - ChampClark
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback