2.17. Idp; Scan_Detected (Id: 01300001); Idp_Notice (Id: 01300002) - D-Link NetDefend DFL-210 Log Reference Manual

Network security firewall
Hide thumbs Also See for NetDefend DFL-210:
Table of Contents

Advertisement

2.17. IDP

2.17. IDP
These log messages refer to the IDP (Intrusion Detection & Prevention events) category.

2.17.1. scan_detected (ID: 01300001)

Default Severity
Log Message
Explanation
Gateway Action
Recommended Action
Revision
Parameters
Context Parameters

2.17.2. idp_notice (ID: 01300002)

Default Severity
Log Message
Explanation
Gateway Action
Recommended Action
Revision
Parameters
NOTICE
Scan detected: <description>, Signature ID=<signatureid>. ID Rule:
<idrule>. Protocol: <ipproto>. Source IP: <srcip>. Source Port:
<srcport>. Destination IP: <destip>. Destination Port: <destport>.
Closing connection.
A scan signature mapped to the "protect" action matched the traffic,
closing connection.
close
Research the advisory (searchable by the unique ID), if you suspect an
attack.
1
description
signatureid
idrule
ipproto
srcip
srcport
destip
destport
Rule Name
Deep Inspection
WARNING
IDP Notice: <description>, Signature ID=<signatureid>. ID Rule:
<idrule>. Protocol: <ipproto>. Source IP: <srcip>. Source Port:
<srcport>. Destination IP: <destip>. Destination Port: <destport>.
Closing connection.
A notice signature mapped to the "protect" action matched the traffic,
closing connection.
close
This is probably not an attack, but you may research the advisory
(searchable by the unique ID).
1
description
signatureid
idrule
ipproto
srcip
225
Chapter 2. Log Message Reference

Advertisement

Table of Contents
loading

Table of Contents