摘要 |
A method of analyzing packets at a node of a network by an intrusion prevention system executed by the node, comprising reading the packet by the intrusion prevention system, comparing the packet with a machine-readable signature file, determining the packet has a packet signature that corresponds with the machine-readable signature file, and determining the machine-readable signature file has an associated squelch comprising a squelch threshold and a squelch period is provided. A computer-readable medium having stored thereon a set of instructions to be executed, the set of instructions that, when executed by a processor, cause the processor to perform a computer method of reading a packet, comparing the packet with a machine-readable signature file, determining the packet has a packet signature that corresponds with the machine-readable signature file, and determining the machine-readable signature file has an associated squelch comprising a squelch threshold and a squelch period is provided.
|