Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Common False positives/entries to ignore

Common False positives/entries to ignore 6 years 1 month ago #35665

  • ra8ul
  • ra8ul's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
I have few queries regarding SIEM or log management.

1.What false positives/to ignore entries we see in firewall logs from domain controllers,Ips/Ids,Database logs,Vpn .
3.Does RSA envision connect directly to domain controllers.
4.How to learn basics of firewall log analysis & escalation.

Thanks in advance for your help.
The administrator has disabled public write access.

Re: Common False positives/entries to ignore 6 years 1 month ago #35666

  • ra8ul
  • ra8ul's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
in firewall logs i see port scanning entries populated which we have to ignore.
like this entries logs from dc,database,ips,unix....

Plz help.....
Thanks.
The administrator has disabled public write access.

common 5 years 11 months ago #35952

  • ra8ul
  • ra8ul's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
Any one...
The administrator has disabled public write access.
Time to create page: 0.073 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup