The
Top
Attack Sources widget shows the most active IP addresses attacking your network.
An attack source is the first MTA with a public IP address that routes a
suspicious message. For example, if a suspicious message travels the
following route: IP1 (sender) > IP2 (MTA: 225.237.59.52) > IP3
(company mail gateway) > IP4 (recipient), TippingPoint Advanced
Threat Protection for Email
identifies 225.237.59.52 (IP2) as the attack source. By studying attack
sources, you can identify regional attack patterns or attack patterns that
involve the same mail server.
The table shows detections based on the selected time period. Click a number
under Detections or High Risk Messages to learn more
about the detections. Detections includes all detected email messages,
including high-risk messages.
Click View all attack sources to see all detected attack sources over
the selected time period.
