Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Long Term Intrusion Activity

Low

Synopsis

The LCE has detected continuous intrusion activity from a host.

Description

The Log Correlation Engine has detected an IP address that has been the source of IDS events continuously for more than 20 minutes in a row. If the attacker is outside of your network, this could indicate a probe. If the IP address is inside your network, this could indicate a compromised host. In either case, you should look at all available logs and events concerning this IP address.