Chapter 21 IDP
NXC5200 User’s Guide
329
21.7.2 Custom Signature Example
Before creating a custom signature, you must first clearly understand the
vulnerability.
21.7.2.1 Understand the Vulnerability
Check the NXC logs when the attack occurs. Use web sites such as Google or
Security Focus to get as much information about the attack as you can. The more
specific your signature, the less chance it will cause false positives.
As an example, say you want to check if your router is being overloaded with DNS
queries so you create a signature to detect DNS query traffic.
OK
Click this button to save your changes to the NXC and return to the
summary screen.
Cancel
Click this button to return to the summary screen without saving any
changes.
Table 121
Configuration > Anti-X > IDP > Custom Signatures > Add/Edit (continued)
LABEL
DESCRIPTION