The Fragmentation Attack action deals with the expression of event information pertaining to the detection of attack activity that involved packet fragmentation (Ex: IP fragmentation attacks, Tear drop attack).
|
Information |
Level |
|---|---|
|
Source - User Information |
Tertiary |
|
Source - Host Information |
Primary |
|
Source - Object Information |
Primary |
|
Source - Process Information |
Tertiary |
|
Source - Group Information |
Tertiary |
|
Dest - User Information |
Secondary |
|
Dest - Host Information |
Primary |
|
Dest - Object Information |
Tertiary |
|
Dest - Process Information |
Tertiary |
|
Dest - Group Information |
Tertiary |
|
Agent - Information |
Primary |
|
Agent - Host Information |
Primary |
|
Event Source - Host Information |
Primary |
|
Event Source - Information |
Tertiary |
|
Event - Information |
Primary |
|
Result - Information |
Primary |
The important information for this action is which signature was matched for the connection from which host to which host. The event information was expressed on which host and recorded by which agent on which host.
|
Result |
event_result |
event_severity |
|---|---|---|
|
Success |
S |
6 |
|
Attempt |
A |
6 |
|
Copyright © 2013 CA.
All rights reserved.
|
|