General

General

Events Not Functional For Avc And Ids

IDS and AVC detected some software executables as malicious and I allow them, but there is no indication in Events of both.

Welcome!

It looks like you're new here. Sign in or register to get started.

Comments

  • Hello :)


    Could you please provide me more details about the application? A download link would be great.


    Thank you.

  • Kindly see the attachments.

    post-31288-1330103760_thumb.jpg

    post-31288-1330103823_thumb.jpg

    post-31288-1330103846_thumb.jpg

  • Hello ONT :)


    For processes that are added to the Exclusions lists, the Event module will not generate entries.


    Please send me a download link so I can test this to see if it is reproducing.


    Thank you.

  • ✭✭✭
    edited February 2012
    Hello ONT :)


    For processes that are added to the Exclusions lists, the Event module will not generate entries.


    Thank you.


    Don't you consider this an Event? What if I falsely added malicious process to Exclusions list?


    Hello ONT :)


    Please send me a download link so I can test this to see if it is reproducing.


    Thank you.


    All softwares were downloaded from their Official Websites.

  • ✭✭✭

    Hello :)


    You can send me any suspicious files so I can send them to our labs.


    If the verdict is INFECTED for that file and you want to add it to the Exclusions list, it's your risk.


    That's we recommend users not to add any file that is flagged by the product to that list.


    Thank you.

Welcome!

It looks like you're new here. Sign in or register to get started.

Welcome!

It looks like you're new here. Sign in or register to get started.