HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide

Figure 7-1 Network Node Alerts Tab

Each alert entry displays the alert severity, the attacker, the attack type, the date and

time the alert was generated, and other data. The columns displayed depend on

selections on the Preferences screen, which lists and describes all the column names.

For more information see “Alert Events Preferences” (page 129).

Alerts are highlighted with color bars to emphasize the severity level of the potential

attack (your colors may vary).

Red (severity 1) This is a critical alert. A critical alert indicates a direct

and immediate compromise of a system.

Yellow (severity 2) This is a severe alert. A severe alert can indicate an attack

that can compromise the system, but without fatal

consequences.

Blue (severity 3) This is a moderate alert. A moderate alert can provide

information about an event that can be used to carry out

a more severe attack on the system.

When you select an alert, regardless of its severity, it is highlighted in light blue and

marked as Seen. The panel below the list of alerts shows the detailed description of

the last selected alert.

Alerts Tab 115