| 126 | * 呼叫 Classify 作分類簡化 |
| 127 | |
| 128 | {{{ |
| 129 | String[][] class_str = { { // Lookup table that buckets alert classification strings into 8 groups by row (row index 0-7 holds groups 1-8); the code that searches it is not shown here. NOTE(review): the strings look like the description column of Snort's classification.config - confirm against the ruleset in use, and make sure a description that matches no row is surfaced rather than silently dropped. Group 1, detection: network scan, RPC query decode, unusual client port, non-standard protocol. |
| 130 | "Detection of a Network Scan", "Decode of an RPC Query", |
| 131 | "A client was using an unusual port", |
| 132 | "Detection of a non-standard protocol or event" }, |
| 133 | // Group 2, attempts: attempted or unsuccessful information leak, DoS, privilege gain and login events. NOTE(review): "Information Leak" and "Large Scale Information Leak" carry no "Attempted" prefix yet sit in this group; confirm that leaks which did occur should be triaged as attempts. |
| 134 | { |
| 135 | "Attempted Information Leak", |
| 136 | "Information Leak", |
| 137 | "Large Scale Information Leak", |
| 138 | "Attempted Denial of Service", |
| 139 | "Attempted User Privilege Gain", |
| 140 | "Attempted Administrator Privilege Gain", |
| 141 | "An attempted login using a suspicious username was detected", |
| 142 | "Attempt to login by a default username and password", |
| 143 | "Unsuccessful User Privilege Gain" }, |
| 144 | |
| 145 | // Group 3, successful user-level privilege gain |
| 146 | { "Successful User Privilege Gain" }, |
| 147 | // Group 4, successful administrator-level privilege gain |
| 148 | { "Successful Administrator Privilege Gain" }, |
| 149 | |
| 150 | // Group 5, attack: misc and web application attacks, suspicious filename, system call, executable code. NOTE(review): "SCORE! Get the lotion!" and "Potential Corporate Privacy Violation" read as content/policy events rather than attacks - confirm the grouping is intended. |
| 151 | { "Misc Attack", "A suspicious filename was detected", |
| 152 | "A system call was detected", |
| 153 | "Executable code was detected", "SCORE! Get the lotion!", |
| 154 | "access to a potentially vulnerable web application", |
| 155 | "Web Application Attack", |
| 156 | "Potential Corporate Privacy Violation" }, |
| 157 | // Group 6, denial of service reported as occurring or detected ("Attempted Denial of Service" is in group 2) |
| 158 | { "Denial of Service", "Detection of a Denial of Service Attack" }, |
| 159 | // Group 7, network trojan detected |
| 160 | { "A Network Trojan was detected" }, |
| 161 | // Group 8, informational: not-suspicious, unknown and generic protocol/ICMP/TCP events. NOTE(review): "Potentially Bad Traffic" and "A suspicious string was detected" share this group with "Not Suspicious Traffic"; confirm they are not under-prioritised in triage. |
| 162 | { "Not Suspicious Traffic", "Unknown Traffic", |
| 163 | "Potentially Bad Traffic", |
| 164 | "A suspicious string was detected", |
| 165 | "Generic Protocol Command Decode", "Generic ICMP event", |
| 166 | "Misc activity", "A TCP connection was detected" } }; |
| 167 | |
| 168 | }}} |
| 169 | |
| 170 | |