Table of Contents
Advertisement
Viewing Vulnerabilities by Asset
Introduction
Benefits
Field descriptions
IBM Proventia Network Enterprise Scanner User Guide, Version 1.3
You can view vulnerabilities by asset to identify weaknesses in your network and hosts.
You can sort your view to identify your most important to least important assets and
develop a risk profile to protect your assets. You can view vulnerabilities by asset to
display for the time period you specify:
IP address of the affected hosts
●
priority level of the vulnerabilities
●
objects affected
●
most recent event
●
You should set the time period of this view to the time of your most recent
Important:
scan. Otherwise, the view displays vulnerability events for previous scans.
The following table describes the fields and descriptions for this vulnerability view:
Field
Description
Target IP
Use this filter to monitor a specific IP address that you suspect is the target
of attacks. The IP address can be either internal or external. This
information is typically modified for you as you explore event data.
•
•
Target DNS Name
Use this filter to display the Domain Name Service (DNS) name of a host
that you suspect is the target of events. You can also use this filter to
suppress hosts that you do not want to monitor.
Status
Use the Status filter differently for events and vulnerabilities.
•
•
# High
Security issues that allow either or both of the following:
•
•
# Medium
Security issues that have the potential of granting access or allowing code
execution via complex or lengthy exploit procedures, or low risk issues
applied to major Internet components.
# Low
Security issues that deny service or provide non-system information that
could be used to formulate structured attacks on a target, but not directly
gain unauthorized access.
Table 61: Vulnerability analysis–asset fields
If you do not know the exact IP address, use the options in the
Operation list to request IP addresses when you do not the exact one
to request.
If you only know the IP address you do not want to see, you can
exclude one or more IP addresses.
Events: The Status column indicates the impact of the event.
Vulnerabilities: The Status column indicates whether the vulnerability
was found.
immediate remote or local access
immediate execution of code or commands with unauthorized
privileges
Viewing Vulnerabilities by Asset
173
Advertisement
Table of Contents
Need help?
Do you have a question about the Proventia Network Enterprise Scanner and is the answer not in the manual?
Questions and answers