Confound with the dynamic-attack-group's category concept

solarwindsolarwind Registered Users Posts: 3 ■□□□□□□□□□
Hi,all,

These output are all from JUNOS SECURITY,


{primary:node0}[edit security idp dynamic-attack-group Malicious-Activity]
root@SRX5800-1# set category values [ SHELLCODE VIRUS WORMS SPYWARE TROJAN ]

PAGE 441


[edit security idp dynamic-attack-group Protect-Clients]
root@SRX5800# set filters category values [ HTTP SSL FTP CHAT SHELLCODE WORM
SPYWARE TROJAN VIRUS ]

PAGE 476


Service
Service defines the actual application protocol (e.g., HTTP, FTP, DNS, SMB,
SMTP, etc.) that the attack belongs to. This is similar to some of the attacks defined
under the category configuration.

PAGE 429

I dont's know the dynamic-attack-group's category concept,if I wanna define filter about HTTP or other applications,should I use theCATEGORY parameter or the SERVICE parameter?



Thanks you
Sign In or Register to comment.