NIPS Blocklist Implementation and Whitelist Priority

agosto 4, 2022 | Adeline Zhang

The blocklist is matched based on the source IP address, destination IP address, or a combination of source and destination IP addresses of a packet. The blocklist works for TCP and UDP transport layer packets. That is to say, after an IP address is added to the blocklist, the ping is successful, but transport layer […]

Is NIPS Capable of Blocking SSH Connections?

julho 6, 2022 | Jie Ji

The answer is YES! NSFOCUS NIPS can block SSH connections. You may have similar questions, for example, whether Nmap or sqlmap can be blocked by NIPS. The answer is YES, too! These questions can often be resolved by configuring application control profile. Follow these steps to enable SSH connection blocking: Step 1: Click Objects on […]

Enabling Detection to Traffic Listened on Non-Standard Ports

julho 6, 2022 | Jie Ji

By default, NSFOCUS NIPS identifies the protocols and detects attacks on standard ports only. For example, File Transfer Protocol (FTP) operates on ports 20 and 21, Telnet protocol operates on port 23, and HTTP protocol uses port 80. However, the traffic using preceding protocols on non-standard ports will not be identified by NIPS by default, […]