IBM Proventia Network Enterprise User Manual - page 175
Viewing Vulnerabilities by Object
175
IBM Proventia Network Enterprise Scanner User Guide, Version 1.3
Viewing Vulnerabilities by Object
Introduction
Viewing vulnerabilities by object displays objects on your network or desktop computers
that are a source of vulnerabilities.
Benefits
You can analyze specific objects that are more affected by vulnerabilities, such as ports or
URLs. You can view an object by the type, name, events, or vulnerability type.
Field descriptions
The following table describes the fields and descriptions for this vulnerability view:
Field
Description
Object Type
Use this filter to analyze a specific type of object that you suspect
is the target of attacks.
Object Name
Use this filter to see events involving a specific object according to
the object's name.
Status
You use the Status filter differently for events and vulnerabilities.
•
Events: The Status column indicates the impact of the event.
•
Vulnerabilities: The Status column indicates whether the
vulnerability was found.
# High
Security issues that allow either or both of the following:
•
immediate remote or local access
•
immediate execution of code or commands with unauthorized
privileges
# Medium
Security issues that have the potential of granting access or
allowing code execution via complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components.
# Low
Security issues that deny service or provide non-system
information that could be used to formulate structured attacks on a
target, but not directly gain unauthorized access.
Tag Count
Use to filter events according to the Tag Count column in the
analysis views. SiteProtector calculates the Tag Count according
to the number of events that are associated with each row of data
in the analysis view. This filters data only in views that contain the
Tag Count column. For example, if you apply this filter to the
Attacker view, SiteProtector would apply the criteria you specified
to each IP address (or row) that appears in the view.
Target Count
Use to filter by the count of target hosts.
Latest Event
Use to filter events according to the Latest Event column in the
analysis views. SiteProtector calculates the time and date for the
latest event on each row of data in an analysis view. This filter
filters data only in views that contain the Latest Event column. For
example, if you apply this filter to the Event Name view,
SiteProtector would apply criteria you specified to each Tag name
(or row) that appears in the view.
Table 62: Vulnerability analysis–object fields