The Events Tab
63
Optional columns on the Events tabThis table describes optional columns that you can add to the Events tab. To add an optional column, right-click any column heading and select Columns...This column... Contains this information...
TCP Flags Data in the packet header specifying the intended
treatment of the packet, such as
R
(reset),
P
(push), or
U
(urgent).
Parameter(s) When an intruder is scanning a particular port, this column
displays the port numbers scanned. To consult the ISS
Web site for details about what the scan may indicate, click
the advICE button. The Parameter(s) column cannot b e
used to sort the Events list.
Protocol ID The network protocol (such as HTTP, FTP or NetBIOS)
applicable to the intruder’s communications. For example, if
the intruder was sending malicious Web site commands,
the protocol would likely be HTTP.
Destination Port The TCP/UDP port on the local system that was the target
of the attempted intrusion.
Source Port The TCP/UDP port on the intruder’s system where the
event originated.
Target The NetBIOS (WINS) name or DNS name of the attacked
system (the target). In most cases, this i s the local system.
If Desktop Protector cannot determine a name, it shows the
target’s IP address.
Target IP The IP address of the attacked system. This is usually the
IP address of the local system.
Intruder IP The IP address of the attacking system.
Event ID Internal reference number for each unique event signature.
Response Level A visual representation of the protection Desktop Protector
provided against the intrusion. Each event is indicated with
one of five response levels. For information on how
Desktop Protector responds to events, see page Response
Levels on page 15.
Severity (numeric) A numeric representation of the severity of the event. For
more information, see “Desktop Protector Alerts” on
page9.
Table 10: Events tab optional columns