Views:
A suspicious host is an IP address or host name with the potential to expose systems to danger or loss. View suspicious hosts to understand your risk, find related messages, and assess the relative prevalence of the suspicious host.

Procedure

  1. Go to DetectionsSuspicious ObjectsHosts.
  2. Specify the search criteria.
    • Host (IP address or host name)
    • Period
  3. Press ENTER.
    All suspicious objects matching the search criteria appear.
  4. View the results.
    Header
    Description
    Host
    View the IP address or host name used by the suspicious object.
    Port
    View the port number used by the suspicious object.
    Risk Level
    View the level of potential danger in a sample after Virtual Analyzer executes the file or opens the URL.
    Related Messages
    View the messages containing the same suspicious object.
    Latest Message Recipients
    View the most recent recipients of the email message containing suspicious objects.
    Latest Detection
    View the date and time Virtual Analyzer last found the suspicious object in a submitted object.
Keywords: suspicious hosts,suspicious messages,suspicious objects,hosts