IPS Monitor/Block Categories
Category |
Description |
|---|---|
Access Control |
Vulnerabilities caused by insecure access control |
Backdoor/Trojan Horse |
Network activities related to backdoor activity or Trojan horse |
|
BotNet |
BotNet activity |
Buffer Overflow |
Vulnerabilities caused by buffer (heap/stack) overflow/underflow |
DoS (Denial of Service) |
Denial of Services activities |
|
Exploits |
Exploits found in the public domain, such as Exploit-DB |
|
File Vulnerabilities |
Vulnerabilities regarding file formats, such as Office documents and image files |
|
Instant Messenger |
Instant Messenger activity |
|
Malware Traffic |
Activities incurred by malware, such as phone home to C&C servers |
|
P2P |
P2P activity |
|
Reconnaissance |
Scanning activities in the pre-compromise stage of an attack |
Scan |
Probe or scan activity |
Virus/Worm |
Network activities related to worms |
|
Web Attack |
Vulnerabilities regarding Web servers and clients |
|
Miscellaneous |
Anything that does not fit into any other category |
