Chapter 34 IDP

Table 156 Configuration > Anti-X > IDP > Profile: Query View (continued)

| LABEL | DESCRIPTION |
| --- | --- |
| Severity | Search for signatures by severity level(s). Hold down the [Ctrl] key if you want to make multiple selections. These are the severities as defined in the ZyWALL. The number in brackets is the number you use if using commands. Severe (5): These denote attacks that try to run arbitrary code or gain system privileges. High (4): These denote known serious vulnerabilities or attacks that are probably not false alarms. Medium (3): These denote medium threats, access control attacks or attacks that could be false alarms. Low (2): These denote mild threats or attacks that could be false alarms. Very-Low (1): These denote possible attacks caused by traffic such as Ping, trace route, ICMP queries, etc. |
| Attack Type | Search for signatures by attack type(s) (see Table 154 on page 574). Attack types are known as policy types in the group view screen. Hold down the [Ctrl] key if you want to make multiple selections. |
| Platform | Search for signatures created to prevent intrusions targeting specific operating system(s). Hold down the [Ctrl] key if you want to make multiple selections. |
| Service | Search for signatures by IDP service group(s). See Table 155 on page 575 for group details. Hold down the [Ctrl] key if you want to make multiple selections. |
| Action | Search for signatures by the response the ZyWALL takes when a packet matches a signature. See Table 153 on page 572 for action details. Hold down the [Ctrl] key if you want to make multiple selections. |
| Activation | Search for activated and/or inactivated signatures here. |
| Log | Search for signatures by log option here. See Table 153 on page 572 for option details. |
| Search | Click this button to begin the search. The results display at the bottom of the screen. Results may be spread over several pages depending on how broad the search criteria selected were. The tighter the criteria selected, the fewer the signatures returned. |
| Query Result | The results are displayed in a table showing the SID, Name, Severity, Attack Type, Platform, Service, Activation, Log, and Action criteria as selected in the search. Click the SID column header to sort search results by signature ID. |
| OK | Click OK to save your settings to the ZyWALL, complete the profile and return to the profile summary page. |
| Cancel | Click Cancel to return to the profile summary page without saving any changes. |
| Save | Click Save to save the configuration to the ZyWALL, but remain in the same page. You may then go to another profile screen (tab) in order to complete the profile. Click OK in the final profile screen to complete the profile. |
578

 

ZyWALL USG 2000 User’s Guide