Clicky


Report Description
Security
       Clients using the DNSChanger name servers List of clients associated with DNSChanger name servers
       Conficker Brute Force Logins Show all systems generating a level of brute force logins normally associated with conficker
       Events by User Show total number of network events associated with individual users
       Protocols on non-standard ports Lists protocols detected on server ports that do not match their well known IANA port number: HTTP not on 80, HTTPS not on 443, SSH not on 22, SMTP not on 25, DNS not on 53, FTP not on 21.
       Systems Accessing Malware Websites Show network devices connecting to websites associated with malware
       Systems Connecting to Conficker Websites Show all network devices connecting to websites associated with conficker malware
       Top Events by IP Top security events with drilldown to IP address
Security (Low Level Reports)
       DNS Lookups Associated with Malware Domains (by IP | by User) Suspicious DNS activity. Potential malware client infection
       Heartbleed Events (Server and Client List) Show all network events associated with Heartbleed exploit attempts. Includes server and client IP addresses
       Heartbleed Events (Server List) Show all servers triggering Heartbleed events
       Heartbleed Exploit Show all network events associated with Heartbleed exploit attempts
       Network Event (Conficker) Show all events associated with conficker virus
       Network Events (Conficker Worm Brute Force Logins) Drilldown to systems associated with conficker brute force logins
       Network Events (DNS_MX lookups, possible SPAM) Show all suspicious DNS lookup events which could be associated with SPAM
       Network Events (Exploits) Show all network exploit type security events
       Network Events (IDS) (by IP | by User) Breakdown of all events generated by IDS engine
       Network Events (User Defined) Show all User Defined Alerts
       Network Events Summary (User Defined) Show Summary of User Defined Alerts
       Spyware HTTP Requests (by IP | by User) Show HTTP requests associated with spyware sites
       Top SSL Servers A list of servers running SSL / TLS with protocol breakdown