Does anybody know how ids do tcp reset? in ios IDS, the router can send a reset packet, but in a real IDS, how can the ids tell the router to send a tcp reset packet??
If using an IDS/IPS Appliance or the NM-CIDS it is not the router that issues the TCP resets. Instead it is the IDS/IPS Appliance or NM-CIDS that will generate the TCP resets. The TCP Resets will be passed to other devices (like the router) using the same paths as the original packets that triggered the signature. So a router in between should be able to pass the TCP Resets just like the original packets.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
