Hi,
is the IPS of UTM 9.7 able to detect attacks based on CVE-2019-19781 and block them?
Frank.
This thread was automatically locked due to age.
As UTM uses Snort, it could be. They have updated their rules since Dec. 24th, as stated here
https://blog.talosintelligence.com/2020/01/snort-rules-cve-2019-19781.html
Best regards
Alex
-
That is Talos commercial ruleset afaik. Sophos might have not updated snort rules. I am waiting for some confirmation here. Check out: https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/42099/sophos-utm-ips-rules
Thank for clarification. I was hoping Sophos is using a commercial ruleset too. Best case near up to date like other vendors. The information release from Sophos side is not very good in these cases. Every now and then such a security problem appears. And always the community is asking and the answer isn’t popping up instantly. Is that really only a long way of communication or do they test after the question has appeared. I hope it’s the communication.
Best regards
Alex
-
Alexander Busch said:I was hoping Sophos is using a commercial ruleset too.
maybe they do. but I don't know this and this would be an important information.
Best regards
Joerg
Alexander Busch said:I was hoping Sophos is using a commercial ruleset too.
maybe they do. but I don't know this and this would be an important information.
Best regards
Joerg