2.11. IDP
These log messages belong to the IDP (Intrusion Detection & Prevention) events category.
2.11.1. scan_detected (ID: 01300001)
Default Severity
NOTICE
Log Message
Scan detected: <description>, Signature ID=<signatureid>. ID Rule:
<idrule>. Protocol: <ipproto>. Source IP: <srcip>. Source Port:
<srcport>. Destination IP: <destip>. Destination Port: <destport>.
Closing connection.
Explanation
A scan signature mapped to the "protect" action matched the traffic,
so the connection is being closed.
Gateway Action
close
Recommended Action
If you suspect an attack, research the advisory (searchable by the
unique ID).
Revision
1
Parameters
description
signatureid
idrule
ipproto
srcip
srcport
destip
destport
Context Parameters
Rule Name
Deep Inspection
2.11.2. idp_notice (ID: 01300002)
Default Severity
WARNING
Log Message
IDP Notice: <description>, Signature ID=<signatureid>. ID Rule:
<idrule>. Protocol: <ipproto>. Source IP: <srcip>. Source Port:
<srcport>. Destination IP: <destip>. Destination Port: <destport>.
Closing connection.
Explanation
A notice signature mapped to the "protect" action matched the traffic,
so the connection is being closed.
Gateway Action
close
Recommended Action
This is probably not an attack, but you may research the advisory
(searchable by the unique ID).
Revision
1
Parameters
description
signatureid
idrule
ipproto
srcip
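Added example (not part of the manual): a Python parser for the two IDP message templates above, which groups closed connections by source IP so the signature IDs can be looked up. It assumes the gateway renders each message on one line exactly as the templates show; the sample lines, signature IDs and rule name are constructed.

```python
import re
from collections import defaultdict

# Message prefix on the page -> (event name, log ID, default severity)
EVENTS = {
    "Scan detected": ("scan_detected", "01300001", "NOTICE"),
    "IDP Notice": ("idp_notice", "01300002", "WARNING"),
}

# Fields are anchored on the template's fixed labels, so a description that
# contains commas or periods, and dotted IPv4 addresses, still parse correctly.
PATTERN = re.compile(
    r"(?P<prefix>Scan detected|IDP Notice): (?P<description>.*?), "
    r"Signature ID=(?P<signatureid>\S+?)\. ID Rule: (?P<idrule>.*?)\. "
    r"Protocol: (?P<ipproto>\S+?)\. Source IP: (?P<srcip>\S+?)\. "
    r"Source Port: (?P<srcport>\d+)\. Destination IP: (?P<destip>\S+?)\. "
    r"Destination Port: (?P<destport>\d+)\. Closing connection\."
)

def parse_idp(line):
    """Return the template fields as a dict, or None if the line does not match."""
    m = PATTERN.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["event"], rec["id"], rec["severity"] = EVENTS[rec.pop("prefix")]
    rec["srcport"], rec["destport"] = int(rec["srcport"]), int(rec["destport"])
    return rec

def triage(lines):
    """Per source IP: signature IDs to research and distinct targets closed."""
    out = defaultdict(lambda: {"signatures": set(), "targets": set()})
    for rec in filter(None, map(parse_idp, lines)):
        out[rec["srcip"]]["signatures"].add(rec["signatureid"])
        out[rec["srcip"]]["targets"].add((rec["destip"], rec["destport"]))
    return dict(out)

# Constructed sample lines (documentation addresses, made-up signature IDs).
SAMPLE = [
    "Scan detected: Constructed scan, v1.0 probe, Signature ID=9000001. ID Rule: idp_wan. Protocol: TCP. Source IP: 203.0.113.7. Source Port: 40112. Destination IP: 192.0.2.10. Destination Port: 22. Closing connection.",
    "Scan detected: Constructed scan, v1.0 probe, Signature ID=9000001. ID Rule: idp_wan. Protocol: TCP. Source IP: 203.0.113.7. Source Port: 40113. Destination IP: 192.0.2.10. Destination Port: 23. Closing connection.",
    "IDP Notice: Constructed notice, Signature ID=9000002. ID Rule: idp_wan. Protocol: UDP. Source IP: 198.51.100.4. Source Port: 5353. Destination IP: 192.0.2.10. Destination Port: 53. Closing connection.",
    "An unrelated constructed log line that does not follow either template.",
]

if __name__ == "__main__":
    for src, info in triage(SAMPLE).items():
        print(src, sorted(info["signatures"]), len(info["targets"]))
```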
Chapter 2. Log Message Reference