SEP Custom IPS Policy to block Latest IE 0day attack (AKA Aurora exploit) - CVE-2010-0249
Updated: 25 Jan 2010 | 2 comments
I've built a custom IPS policy to block Aurora exploit and I've used Metasploit's IE_Aurora module to attack my virtual machine and guess what, SEP blocked the attack. Attached you'll have the policy file and a screenshot. Please Import, test and report any problems/comments.
The attached files are:
1. SEP custom IPS policy
2. Metasploit's IE_Aurora exploit VS SEP demo
download Filed Under:
Comments
This is great information..
This is great information..
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Thanks for Sharing.
Hello,
Thanks for sharing this information.
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | SCTS | ITIL v3
Follow me on Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helped yo
Would you like to reply?
Login or Register to post your comment.