14. February 2011 22:15
In this article we will discuss the detection methods of the Forefront TMG 2010 NIS, with examples of signatures and protocol anomalies, and take a quick tour through IDS/IPS history, covering some of the detection methods IDS/IPS solutions have used over time.
We will detail exploit-based signatures (the earlier generation of signatures) and vulnerability-based signatures (the later generation of signatures), and describe how pattern matching and protocol analysis intersected.
We will also exercise some NIS signatures with PoCs and make the NIS protocol anomaly functionality kick in.