what is the difference between "top sources of attack" and "risk distribution by attacker" ?
Created: 27 Jun 2009 • Updated: 21 May 2010
what is the difference between "top sources of attack" and "risk distribution by attacker" ? Which one is the actual source of virus/attacks ? which IP to trace for virus as both giving different iP addresses .
View Inline Image
Quick Look Solution
When you have a virusWhen you have a virus outbreak in yout network, some infected machiens will try to infect other machines in the network. Risk tracer is a utility with which you can track down these network infecting machines.
Similarly, when a Worm is present on the network, it will try to attack oher machines. Firewall/IPS will stop that and send that info to SEPM.
So.....if you are dealing with Virus Outbreak, check the Risk Distribution and block the most active IP's.
The Top Sources of attack will tell you which workstations in your network are performing network attacks on other machines.