Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Documentation Search

    Viewing Predefined Attack Objects (NSM Procedure)

    Purpose

    Juniper Networks Security Center (J-Security Center) develops predefined attack objects and attack object groups for IDP rulebase rules. In most cases, the predefined attack objects are the only attack objects you need to protect your network.

    Figure 1 shows the attack object viewer in NSM. You can use the attack object viewer to view the following summary for each attack object:

    • Name of the attack object
    • Severity of the attack: critical, major, minor, warning, info
    • Category
    • Keywords
    • Common Vulnerabilities and Exposures database (CVE) number
    • Security Focus Bugtraq database number

    Figure 1: NSM Object Manager: Predefined Attack Objects

    Image s036708.gif

    You can double-click the entry in the attack object table to view its details, such as the context and pattern for signature attacks. Figure 2 shows attack details for an HTTP attack.

    Figure 2: NSM Object Manager Predefined Attack Object Details

    Image s036840.gif

    Click the Extended tab to see a technical information and security community references that describe the attack. Figure 3 shows the information available in the Extended tab.

    Figure 3: NSM Object Manager Predefined Attack Object Extended Details

    Image s036841.gif

    Action

    To view predefined attack object details:

    1. In the Object Manager, select Attack Objects > IDP Objects.
    2. Click either the Predefined Attacks or Predefined Attack Groups tab to view the predefined attack object list.
    3. Double-click the table row entry for the attack object to display its details.

    Note: You cannot create, edit, or delete predefined attack objects.


    Published: 2011-02-08