Severity |
Description |
---|---|
1—Information |
Port-based traffic (examples: HTTP, SMTP). |
2—Low |
Policy-related signatures (examples: IM, P2P, Games) |
3—Medium |
Tunneling and scanning activity. |
4—High |
Most intrusion-related signatures. |
5—Critical |
Same as high severity plus very high impact to servers and end users (examples: CVE-2008-4250, Conficker). |