Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REFERENCE GUIDE REV 1 Reference Manual page 34

Event category correlation reference guide

28 EVENT CATEGORY CORRELATION

Table 2-14 Suspicious Categories (continued)

| Low Level Event Category | Description | Severity Level (0 to 10) | Event Correlation/Processing | Additional Event Processing |
|---|---|---|---|---|
| Potential SMB Vulnerability | Indicates a potential SMB (Samba) vulnerability. | 4 | Correlation Group 2 Scenario 2 | |
| Potential Database Vulnerability | Indicates a potential vulnerability in the database. | 4 | Correlation Group 2 Scenario 2 | |
| IP Protocol Anomaly | Indicates a potential IP protocol anomaly. | 3 | Correlation Group 2 Scenario 2 | |
| Suspicious IP Address | Indicates a suspicious IP address has been detected. | 2 | Correlation Group 2 Scenario 2 | |
| Invalid IP Protocol Usage | Indicates an invalid IP protocol misuse. | 2 | Correlation Group 2 Scenario 2 | |
| Invalid Protocol | Indicates an invalid protocol. | 4 | Correlation Group 2 Scenario 2 | |
| Suspicious Window Events | Indicates a suspicious event with a screen on your desktop. | 2 | Correlation Group 2 Scenario 2 | |
| Suspicious ICMP Activity | Indicates suspicious ICMP activity. | 2 | Correlation Group 2 Scenario 2 | |
| Potential NFS Vulnerability | Indicates a potential Network File System (NFS) vulnerability. | 4 | Correlation Group 2 Scenario 2 | |
| Potential NNTP Vulnerability | Indicates a potential Network News Transfer Protocol (NNTP) vulnerability. | 4 | Correlation Group 2 Scenario 2 | |
| Potential RPC Vulnerability | Indicates a potential RPC vulnerability. | 4 | Correlation Group 2 Scenario 2 | |
| Potential Telnet Vulnerability | Indicates a potential Telnet vulnerability on your system. | 4 | Correlation Group 2 Scenario 2 | |
| Potential SNMP Vulnerability | Indicates a potential SNMP vulnerability. | 4 | Correlation Group 2 Scenario 2 | |
| Illegal TCP Flag Combination | Indicates an invalid TCP flag combination has been detected. | 5 | Correlation Group 2 Scenario 2 | |
| Suspicious TCP Flag Combination | Indicates a potentially invalid TCP flag combination has been detected. | 4 | Correlation Group 2 Scenario 2 | |
| Illegal ICMP Protocol Usage | Indicates an invalid use of the ICMP protocol has been detected. | 5 | Correlation Group 2 Scenario 2 | |
| Suspicious ICMP Protocol Usage | Indicates a potentially invalid use of the ICMP protocol has been detected. | 4 | Correlation Group 2 Scenario 2 | |
| Illegal ICMP Type | Indicates an invalid ICMP type has been detected. | 5 | Correlation Group 2 Scenario 2 | |
| Illegal ICMP Code | Indicates an invalid ICMP code has been detected. | 5 | Correlation Group 2 Scenario 2 | |

STRM Event Category Correlation Reference


This manual is also suitable for:

Security threat response manager
