Chanatip Adisaktrakool

IPS cannot detect/prevent signature

Discussion created by Chanatip Adisaktrakool on Feb 4, 2019
Latest reply on Feb 11, 2019 by Chanatip Adisaktrakool

Hi guys,

 

I'm trying to test prevent attack by IPS software blade with CVE-2006-2369 but no luck.

For this attack I use Radware Raptor Attack tool, Both of machines test is Radware Raptor tool, one act as Attacker and another one act as Server

 

 

 

 

Including Massscan Port Scanner not detect/prevent as well.

 

 

There is no any logs found on the log & monitor

 

 

But another signature is working fine such as (MS12-020) CVE-2012-0002

For this attack test I use Kali to be act as Attacker and another is windows7 machine.

 

 

 

Here is Access Control Rule Policy

 

 

 

Anyone here can advise me about scenario test, about 4-5 signatures prevent for example?

 

I would like to show customer that we can detect and prevent them from attack by known threat with CVE.

 

Thank you in advance. 

 

Appreciate every comments

 

Regards,

Sarm

Outcomes