AirLive RS-3000 User Manual

Pre-defined:



Pre-defined signature contains 5 general classifications, includes Backdoor, DDoS, Dos, Exploit,

NetBIOS and Spyware. Each type also includes its attack signatures, and user can select to

enable the specific signature defense system based on the request. (Figure 19-3)



User can modify the signature action of pass, drop, and log in each type.



The RS-3000 can display all the attack signature attribute of Name, Risk, Action and Log.

Figure19-3

The Pre-defined setting

Custom:



Except Anomaly and Pre-defined settings, the RS-3000 also provides a feature to allow user

modifying the custom signature, in order to block the specific intruder system.



Name: The MIS engineer can define the signature name.



Protocol: The detection and prevention protocol setting includes TCP, UDP, ICMP and IP.



Source Port: To set the attack PC port.（Range: 0 ~ 65535）



Destination Port: To set the attacked (victim) PC port.

（Range: 0 ~ 65535）



Risk: To define the threats of attack packets.



Action: The action of attack packets.



Content: To set the attack packets content.

215