Message Image

Skip main navigation (Press Enter).

Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

reports

Jump to Best Answer

Migration UserOct 04, 2009 07:33 AM

dears , i have multiple questions about the report that gives you Network Threat protection information ...

Ramji IyyerOct 04, 2009 11:05 AM

*edit* You should start by reading the manual Regards... Ramji Iyyer

Migration UserOct 05, 2009 01:56 AM

Migration UserOct 05, 2009 02:50 AMBest Answer

Events for Attack (firewall).Possible values are as follows: 207 = Active Response 211 = Active ...

1. reports

0 Recommend
Migration User
Posted Oct 04, 2009 07:33 AM

Reply Reply Privately
dears ,

i have multiple questions about the report that gives you Network Threat protection information in single report :

1- Top types of attack : what are the types of attacks
2- what is the Attack Events types .
2. RE: reports

0 Recommend
Ramji Iyyer
Posted Oct 04, 2009 11:05 AM

Reply Reply Privately
*edit* You should start by reading the manual

Regards...
Ramji Iyyer
3. RE: reports

0 Recommend
Migration User
Posted Oct 05, 2009 01:56 AM

Reply Reply Privately
which manual?
4. RE: reports
Best Answer

0 Recommend
Migration User
Posted Oct 05, 2009 02:50 AM

Reply Reply Privately
Events for Attack (firewall).Possible values are as follows:

207 = Active Response

211 = Active Response disengaged

219 = Active Response canceled

217 = Executable file change accepted

218 = Executable file change denied

220 = Application Hijack

201 = N/A (invalid traffic by rule)

202 = Port Scan

203 = Denial-of-service attack

204 = Trojan horse

206 = Intrusion Prevention

208 = MAC Spoofing

Copyright 2019. All rights reserved.

Powered by Higher Logic