Intruder Help File

Sql: Listens on ports 139, 445, 1433 and 1434. Dedicated to Microsoft SQL attacks, including sa login, worm propagation, xp_setsqlsecurity and many more.
X11: Fires on X11 MIT Magic Cookie detected and X11 xopen.
Icmp: Detects potentially bad ICMP traffic. This includes most of the ICMP scanning tools and other "BAD" ICMP traffic (such as redirect host).
NetBios: All NetBIOS related requests will be trapped and followed by the respective alert.
Misc: Says it all.
Attack-Response: When these signatures fire, it is usually because a machine has been compromised. They should not false-positive very often and almost always mean a compromise.
Snmp: SNMP community attempts, including overflow attempts.

Smtp: All alerts in this rule set are Sendmail related.
Imap: This rule set concerns IMAP buffer overflow attempts and brute force attempts.
Pop2: Default port 109.
Pop3: Default port 110.

Nntp: Default port 119.
Other-ids: These signatures serve two purposes.
1) If you are the "IDS GUY" for a company, and someone else sets up an IDS without letting you know, that's bad.
2) If you are a "pen-tester", this is a good way to find out what IDS systems your target is using after you have gained access to their network.
Web-Attacks: Generic signatures that will catch common commands used to exploit form variable vulnerabilities. These signatures should not false-positive very often.
Back-Door: Fires when a backdoor is encountered, including SubSeven, NetBus, DeepThroat, Doly, Dagger, ACKcmdC, Infector.1.x, Satan Backdoor and many more.
Shellcode: Because these signatures check ALL traffic for shellcode, they are disabled by default. There is a LARGE performance hit from enabling these signatures.
Policy:
Porn: Says it all.
Info: Misc. logon attempt alerts.
Icmp-info: Standard ICMP traffic. This includes OS pings, as well as normal routing done by ICMP. There are a number of "catch all" rules that will alert on unknown ICMP types.
Virus: Fires when a file ending with .exe, .vbs, .bat and others is requested.
Chat: These signatures look for people using various types of chat programs (for example: AIM, ICQ, and IRC), which may be against corporate policy.
Multimedia: These signatures look for people using streaming multimedia technologies. Using streaming media may be a violation of corporate policies.
P2p: These signatures look for usage of P2P protocols, which are usually against corporate policy. These include Gnutella, LimeWire, Bear and many others.