User Guide

OmniAccess SafeGuard OS Administration Guide
Chapter 10: Detecting and Isolating Malware Security Threats
show malware algorithm-info {ipaddress}
The following example is representative of sample output from the command:
(SafeGuardOS) # show malware algorithm-info
Additional Malware Information
------------------------------
Number of Rows:4
Event Id Host IP Category Algorithm App Group Time(msec) Attempts Success
-------- ------- -------- -------- --------- ---------- -------- -------
1 66.166.203.235 Outbout TCP/UDP IP Scan HCARHCAF Microsoft 173 23 0
2 66.166.203.235 Outbout TCP/UDP IP Scan None Microsoft N/A N/A N/A
3 192.168.101.1 Outbout TCP/UDP IP Scan HCARHCAF Microsoft 170 23 0
4 192.168.101.1 Outbout TCP/UDP IP Scan None Microsoft N/A N/A N/A
Table 29 explains the output fields of the show malware algorithm-info command.
Syntax Description
ipaddress    (Optional) Displays additional malware and algorithm information for this specific IP address.
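The sample output above can be turned into per-host records for triage. The following Python is an added example, not part of the guide or the product; it assumes Category is the only multi-word column and treats Attempts and Success as plain counters, since this page does not define them.

```python
import ipaddress
from collections import defaultdict

# Rows copied from the guide's sample output (whitespace-collapsed, as on the page).
SAMPLE = """\
(SafeGuardOS) # show malware algorithm-info
Event Id Host IP Category Algorithm App Group Time(msec) Attempts Success
-------- ------- -------- -------- --------- ---------- -------- -------
1 66.166.203.235 Outbout TCP/UDP IP Scan HCARHCAF Microsoft 173 23 0
2 66.166.203.235 Outbout TCP/UDP IP Scan None Microsoft N/A N/A N/A
3 192.168.101.1 Outbout TCP/UDP IP Scan HCARHCAF Microsoft 170 23 0
4 192.168.101.1 Outbout TCP/UDP IP Scan None Microsoft N/A N/A N/A
"""

def _num(value):
    return None if value == "N/A" else int(value)  # N/A means no value reported

def parse_rows(text):
    """Return one dict per event row, skipping prompt, header and rule lines."""
    rows = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 8 or not tok[0].isdigit():
            continue
        # Assumption: Category is the only multi-word column, so the last five
        # tokens are Algorithm, App Group, Time(msec), Attempts, Success.
        algorithm, app_group, time_ms, attempts, success = tok[-5:]
        try:
            rows.append({
                "event_id": int(tok[0]),
                "host": str(ipaddress.ip_address(tok[1])),
                "category": " ".join(tok[2:-5]),
                "algorithm": None if algorithm == "None" else algorithm,
                "app_group": app_group, "time_ms": _num(time_ms),
                "attempts": _num(attempts), "success": _num(success),
            })
        except ValueError:
            continue  # bad address or non-numeric counter: not an event row
    return rows

def summarize_by_host(rows):
    """Aggregate per host: event count, categories seen, summed counters."""
    summary = defaultdict(lambda: {"events": 0, "categories": set(),
                                   "attempts": 0, "success": 0})
    for r in rows:
        s = summary[r["host"]]
        s["events"] += 1
        s["categories"].add(r["category"])
        s["attempts"] += r["attempts"] or 0
        s["success"] += r["success"] or 0
    return dict(summary)
```

Category strings are kept exactly as the CLI printed them, so compare them case-insensitively against the categories listed in Table 29.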
Table 29 Show Malware Algorithm-Info Output Fields
Field       Description
Event ID    A system-generated identifier for the event.
Host IP     The host at this address is generating the event.
Category    The type of scan or attack. Valid categories are:
              Outbound TCP/UDP IP scan
              Outbound TCP/UDP port scan
              Outbound ICMP IP scan
              Outbound TCPSYN Denial of Service (DoS) attack
              Outbound ICMP DoS attack