攻击类型 1
拒绝服务攻击 1
非授权访问尝试 1
预攻击探测 4
可疑活动 4
Exchange-unauthenticated IMAP command 5
协议解码 5
系统代理攻击 7
Real Secure 3.2中新出现的特征 12
Account policy change 14
Apache Web Server Denial of Service Attack 14
攻击和解码的字母顺序表 14
ARP Host Down 15
Ascend Kill 16
Audit log cleared 17
Authentication package loaded 18
Audit policy change 18
Back Orifice Default Install Check 19
Back Orifice 2000 Install Check 20
BootParamd Whoami Decode 21
Brute Force login attack 22
Brute Force login likely successful 23
Change password attack 24
Change password attack likely successful 24
Change to important files 25
Chargen 26
Cisco CR 27
Cleartext SMB Password Detection 28
Cisco ldent 28
Config-log files delete failed 29
Config-log files deleted 30
Disk space shortage 31
Cybercop Scanner 31
DNS All 32
DNS HInfo Request Decode 33
DNS Hostname Overflow 33
DNS Length Overflow 34
DNS Zone Transfers 35
DNS Zone Transfers from High Ports 36
Echo 37
E-mail DEBUG 38
E-mail Decode 38
E-mail Ehlo 39
E-mail EXPN 40
E-mail EXPN Overflow 41
E-mail From 42
E-mail Helo Overflow 43
E-mail Listserv 44
E-mail Pipe 45
E-mail Qmail Length 45
E-mail Qmail Rcpt 46
E-mail Relay Spam 47
E-mail Subject 48
E-mail To 48
E-mail Turn 49
E-mail VRFY 50
E-mail VRFY Overflow 50
E-mail WIZ 52
E-mail Xchg Auth 53
EvilFTP Backdoor 53
Exchange-administrator connect 54
Exchange-administrator login as user 54
Exchange-anonymous logon 55
Exchange-IMAP authentication failures 55
Exchange-logon failure 55
Exchange-NNTP authentication failures 56
Exchange-mail sent as 56
Exchange-mail sent on behalf 56
Exchange-POP3 authentication failures 57
Exchange-PST password saved 57
Exchange-security attribute change 57
Exchange-service password change 58
Exchange-unauthenticated ?ogon attempt 58
Exchange-unauthenticated NNTP command 59
Exchange-unauthenticated P0P3 command 59
Exchange-unauthenticated P0P3 command, Invalid Arguments 59
Exchange-view administrator login 60
Exchange-user login into other users mailbox 60
Exchange-unauthenticated P0P3 command,Wrong Arguments 60
Failed change of important files 61
Failed login-account disabled 61
Failed login-account expired 62
Failed login-account locked out 63
Failed login-bad username or password 63
Failed login-net logon not active 64
Failed login-not authorized for console login 65
Failed login-not authorized for this type of login 66
Failed login-password expired 66
Failed login-time restiction violation 67
Finger Bomb 68
Failed login-unknown error 68
Finger User Decode 69
FSP Detected 70
FTP arg Core Dump 71
FTP Bounce Attank 71
FTP CWD-root 73
FTP get File Decoding 73
FTP mkdir Decoding 74
FTP Password Decoding 75
FTP Privileged Bounce Attack 75
FTP Privileged Port Attack 76
FTP put File Decoding 77
FTP Site Exec 78
FTP Site Command Decoding 78
FTP Site Exec Tar 79
FTP SYST Command Decode 80
FTP Username Decoding 81
Generic Intel Overflow 81
Global group changed 82
Global group created 83
Global group deleted 84
Global group user added 85
Global group user removed 85
Guest user login 86
HP/UX RemoteWatch 87
HTTP 88
HP OpenView SNMP Backdoor 88
HTTP Activex Control Download Decoding 89
HTTP AnyForm 90
HTTP AnyFormPost 91
HTTP Authentication Decode 91
HTTP Cachemgr 92
HTTP campas cgi-bin 93
HTTP Carbo Server 94
HTTP Classifieds Post 94
HTTP Cold Fusion 95
HTTP Cookie Passing 96
HTTP Glimpse cgi-bin 97
HTTP GET Decoding 97
HTTP HTMLScript 98
HTTP HylaFax faxsurvey 99
HTTP IE BAT 100
HTTP IIS$DATA 100
HTTP IIS 3.0 Asp 2E 101
HTTP IIS 3.0 Asp Dot 102
HTTP IISHTR Overflow 103
HTTP IISExAir DoS 104
HTTP Internet Explorer 3.0.URL/.LNK 105
HTTP Info2WWW 105
HTTP Java Decoding 106
HTTP JJ 107
HTTP MachineInfo 108
HTTP Macromedia Shockwave Content Download Decoding 108
HTTP NCSA Buffer Overflow 109
HTTP Netscape pageServices 110
HTTP Netscape SpaceView 110
HTTP Novell Convert 111
HTTP Novell Files 112
HTTP nph-test-cgi 113
HTTP NT8.3 Filename 113
HTTP Pfdisplay Execute 114
HTTP Pfdisplay Read 115
HTTP PHF 116
HTTP PHP Buffer Overflow 116
HTTP PHP File Read 117
HTTP RegEcho 118
HTTP RobotsTxt 119
HTTP RpcNLog 120
HTTP SCO View-Source 120
HTTP SGI Handler 121
HTTP SGI WebDist 122
HTTP SGI Wrap 123
HTTP ShellHistory 123
HTTP Shell Interpreter Accesses 124
HTTP SiteCsc Access 125
HTTP test-cgi 126
HTTP UNIX Passwords 127
HTTP Vulnerable Client 128
HTTP Verity Search 128
HTTP WebFinger 129
HTTP Webgais 130
HTTP Websendmail 130
HTTP Website Uploader 131
HTTP Website Win-C-Sample 132
HTTP WWW-Count cgi-bin 133
Ident Buffer Overflow 134
Ident Error Decode 134
Ident Newline 135
Ident User Decoding 136
IMAP Password Decoding 137
IMAP Buffer Overflow 137
IMAP Username Decoding 138
IMAP2bis Server, Anonymous login successful 139
IMAP2bis Server, Brute force attack 139
IMAP2bis Server, Buffer overflow attack 140
IMAP2bis Server, Buffer overflow attack Successful 141
IMAP2bis Server, Pre-authenticated user login 142
IMAP2bis Server, User Auto-logout 143
IMAP2bis Server, User login failure 143
IMAP2bis Server, User login successful 144
IMAP2bis Server, User logout 145
INN Control Message 146
INN Buffer Overflow 146
IP Duplicate Check 147
IP Fragmentation 148
IP Half Scan 149
IP Unknown Protocol 150
IPOP3D, Brute force attack 151
IPOP3D, Buffer overflow attack 152
IPOP3D, User auto-logout 153
IPOP3D, User kiss of death logout 153
IPOP3D, User login failure 154
IPOP3D, User login successful 155
IPOP3D, User login to remote host successful 156
IPOP3D, User logout 156
IRC Channel Decode 157
IRC Nick Decode 158
IRC Message Decode 158
IRCD Buffer Overflow 159
ISS Scan Check 160
Kerberos IV User Snarf() 161
Land Denial of Service Attack 161
Land UDP 162
LDAP-blacklist failed 163
LDAP-blacklist permanent 163
LDAP-blacklist short-term 163
Local group changed 164
Local group created 165
Local group user added 166
Local group deleted 166
Local group user removed 167
Logon process registered 168
Logon with admin privileges 169
Logon with special privileges 170
Loki 171
LSA Connect Check 172
Mounted Export Decode 173
Mounted Mount Decode 173
MSSQL-Failed Connection 174
MSSQL-Successful Trusted Connection 174
MSSQL65-Successful Non-Trusted Connection 175
MSSQL65-Shutdown 175
MSSQL65-Startup 175
MSSQL7-Shutdown 176
MSSQL7-Startup 176
MSSQL7-Successful Non-Trusted Connection 176
NitBIOS Session Grant Decode 176
NetBIOS Session Reject Decode 177
NetBIOS Session Request Decode 177
NetBus 178
NetBus Pro 179
NFS Guess Check 179
NFS Mknod Check 180
NFS UID Check 181
NISd Buffer Overflow Attack 182
Nmap Scan 183
NNTP Group Decoding 184
NNTP Password Decoding 184
NNTP Username Decoding 185
NNTP Xchg Auth 186
Oracle-Connect Internal 186
Oracle-Failed Connection 187
Oracle-Failed Object Access 187
Oracle-Shutdown 187
Oracle-Successful Object Access 188
Out of virtual memory 188
Oracle-Successful Connection 188
Oracle-Startup 188
Packet Capturing Remote Decode 189
Packet Capturing Tool Decode 190
Password change failed 190
Password change successful 191
PCNFSD Exec 192
Perl Fingerd Check 193
Ping Flooding 194
Ping Of Death 195
POP Buffer Overflow 196
POP Password Decoding 196
POP Username Decoding 197
Portmapper Program Dump Decode 198
Portmapper Proxy Call Decode 199
Portmapper Proxy Mount Check 199
Portmapper Set 200
Portmapper Set Spoof 201
Portmapper Unset 201
Portmapper Unset Spoof 202
Portscan Detection 203
Privileged service called 204
Probing of important files 205
Program execution started 205
Program exited 206
Qpopper, User login failure 207
Qpopper, Possible user probe 207
Queso Scan 208
RealSecure Kill Action Detection Check 209
Registry autorun changed 210
Registry eventlog settings changed 211
Registry NT security options changed 212
Registry remote edit changed 215
Rexd Decode 216
Rexec Session Decode 217
RIP Entry Added Decode 217
RIP Entry Timeout Decode 218
RIP Metric Change Decode 219
Rlogin-froot 220
Rlogin Decoding 220
RPC.Admind Check 221
RPC Cmsd Overflow 222
RSH Decoding 223
RTM Finger 223
Rwhod 224
SAMBA SMB Password Overrun 225
SATAN 226
Selection Service Holdfile Check 227
Sendmail, Address expand[EXPN] 228
Sendmail, Address Verify[VRFY] 228
SMURF Denial of Service Attack 229
SNMP Community String Decode 230
SNMP Delete WINS Database Attack 231
SNMP Decode 231
SNMP Set Decode 232
SNMP Suspicious Get 233
SNMP Suspicious Set 234
Source Routing 235
SQLServer-login failed 236
SQLServer-login failed, not administrator 236
SQLServer-login failed,not trusted 236
SQLServer-login failed,not valid user 237
SQLSrever-login failed, too many users 237
SSH agent authentication failure 237
SSH command execution 238
SSH Connection for user not allowed from host 239
SSH Connection for user not allowed 239
SSH connection from host not allowed 240
SSH Detected 241
SSH DNS Spoofing Attack, No reverse mapping 241
SSH DNS Spoofing Attack, Reverse mapping different 242
SSH IP options used 243
SSH Kerberos authentication failed 244
SSH Kerberos authentication successful 245
SSH Kerberos KDC possible spoofing 245
SSH Kerberos password authentication failed 246
SSH Kerberos TGT not verified 247
SSH Kerberos ticket authentication failed 248
SSH Kerberos TGT rejected 248
SSH OSF/1 security level 249
SSH Rhosts authentication attempt from unprivileged port 250
SSH Rhosts authentication attempt refused 251
SSH Rhosts authentication successful 251
SSH Root command execution 252
SSH Root login 253
SSH RSA authenticated from restricted host 254
SSH RSA authentication failed 254
SSH RSA authentication refused 255
SSH SecurID authentication required 256
SSH Successful password auth 257
SSH server connection 257
SSH User name length overflow attack 258
Startup of important programs 259
Statd Buffer Overflow Attack 259
Statd File Creation Check 260
SubSeven Scan 262
Successful login 263
Sun SNMP Backdoor 263
Suspect Finger connection 264
Suspect FTP connection 264
Suspect IMAP connection 265
Suspect Netbus connection 265
Suspect Netstat connection 265
Suspect Portscan 266
Suspect POP2 connection 266
Suspect POP connection 266
Suspect SMTP connection 267
Suspect SSH connection 267
Suspect Sunrpc connection 268
Suspect Systat connection 268
Suspect Telnet connection 268
Suspect Time connection 268
Suspect Whois connection 269
Suspect WWW connection 269
Sybase-Failed Connection 269
Sybase-No Configuration File 269
Sybase-Successful Connection 270
Sybase-Startup 270
Sybase-Shutdown 270
Sybase_Successful_Connection 271
SYN Flood 271
Talk Flash 272
Talk Request Decoding 273
TCP/IP Protocol Violations 273
TCP Hi jacking Tools Decode 274
TCP Overlap Data 275
TearDrop Fragmentation Attack 276
TFTP Get 277
TFTP Put 278
ToolTalk Overflow 279
Trace Route Decode 280
Trusted domain added 281
Trusted domain removed 282
UDP Bomb 283
UDP Port Scan 283
Unix root login sucessful 285
Unix root su failure 285
Unix root su successful 286
Use of user rights 286
User account changed 287
User account created 288
User account deleted 289
User Added to Local Admin Group 290
User Added to Global Admin Group 290
User admin right granted 291
User Admin Right Revoked 292
User logout 293
User right granted 294
User right revoked 295
Win IGMP 295
Windows Access Error Decode 296
Windows Null Session Decode 297
Windows Out of Band (OOB) 297
Windows Password Cache File Access 298
Windows Remote Registry Access Decode 299
Ypupdated Exec Check 300