English Forums > Intrusion Detection and Prevention
ET Telemetry Rules
(1/1)
spetrillo:
Hello all,
Is there a set of rules that I should be setting as Drop only, rather than waiting for the alert and then dropping it? Would like to get ahead of the malicious actors if I could. My firewall and Suricate stood up to a very large brute force attack a couple of days ago...yea!
Thanks,
Steve
Navigation
[0] Message Index
Go to full version