Offense Rule Tests
Table 9-11 IP / Port Test Group
Test
Description
Attacker IP
Valid when the attacker IP
Address
address is one of the
configured IP address(es).
Target IP
Valid when the target list is
Address
any of the configured IP
adddress(es).
This section provides information on the tests you can apply to the rules including:
IP/Port Tests
•
Host Profile Tests
•
•
Date/Time Tests
Device Tests
•
Offense Property Tests
•
IP/Port Tests
The IP/Port tests include:
STRM Administration Guide
Default Test Name
when the
attacker/violator IP is
one of the following IP
addresses.
when the target list
includes any of the
following IP addresses
Creating a Rule
Parameters
IP addresses - Specify the IP
address(es) you wish this test to
consider. You can enter multiple
entries using a comma separated
list.
Configure the following parameters:
any - Specify if you wish this test
•
to consider any or all of the listed
targets.
IP addresses - Specify the IP
•
address(es) you wish this test to
consider. You can enter multiple
entries using a comma separated
list.
203