Atomic Ossec Network Intrusion System

AEO includes a high speed network based intrusion prevention system.

Current Features

• Blocks shellshock attacks on non-HTTP services (the WAF blocks shellshock attacks on HTTP services)

• Blocks heartbleed attacks

• Blocks DNS amplification attacks

• Blocks NTP amplification attacks

DNS Amplification Attacks

• You can also define queries you want to block to DNS to help prevent DNS amplification attacks. Place one entry for line. Custom queries are defined in the following file:

  /var/awp/etc/firewall/custom-ips-domains.json
  

• The format of this file is:

  domain.type