How do you disable alerts on this false positive?

You have a rule in your IDP policy that detects all HTTP signatures that are targeted towards your
Web server. You notice a log message is generated each time a Web user accesses the SQL database
with the default passwords. Your Webmaster does not want to reprogram the Web page to use
more secure SQL passwords. How do you disable alerts on this false positive?

You have a rule in your IDP policy that detects all HTTP signatures that are targeted towards your
Web server. You notice a log message is generated each time a Web user accesses the SQL database
with the default passwords. Your Webmaster does not want to reprogram the Web page to use
more secure SQL passwords. How do you disable alerts on this false positive?

A.
Create a rule in the Exempt rule base; specify target address of your Web server; include only the
specific HTTP SQL default password signature.

B.
Create a rule at the top of the Exempt rule base; specify target address of your Web server;
include all HTTP signatures.

C.
Create a rule at the top of the IDP rule base for any traffic destined to your Web server; specify
action of Exempt.

D.
Create a rule at the top of the Exempt rule base; specify target address of your Web server;
include all HTTP signatures; make this a terminal rule.



Leave a Reply 0

Your email address will not be published. Required fields are marked *