Terms of Service
Service Level Agreement
Perjanjian Pemrosesan dan Keamanan Data
{"uin": "1000xxxxxx21","nickname": "Test Account","server": "172.x.x.41 [Test Machine]","instance_id": "ins-xxxxxxxx","region": "Southwest China (Chengdu)","time": "October 30, 2023 09:24:20"}
Field name | Description |
uin | User UIN |
nickname | User's nickname |
server | Machine IP [Machine alias] |
instance_id | Machine instance ID |
region | Region where the machine located |
time | Event time |
{"event_type": "Exceptional Log-in","src_ip": "43.x.x.41","area": "Hong Kong (China)","level": "High-risk"}
Field name | Description |
src_ip | Source IP |
area | Source location |
level | Risk level |
{"event_type": "Password Cracking","src_ip": "43.x.x.41","area": "Hong Kong (China)","count": "3","banned": "Block Success"}
Field name | Description |
src_ip | Source IP |
area | Source location |
count | Number of attempts |
banned | Blocking status |
{"event_type": "Malicious Files","file_type": "Malicious","path": "/root/bebinder_shell.jsp","level": "Severe. Your server may have been hacked. It is recommended to verify promptly to avoid serious damage."}
Field name | Description |
file_type | File type |
path | File path |
level | Danger level |
{"event_type": "Exceptional Processes","pid": "5916","path": "/root/2/ISHELL-v0.2/ishd"}
Field name | Description |
pid | Process ID |
path | Process path |
{"event_type": "Malicious Requests","url": "massdns.ran6066.com","count": "1"}
Field name | Description |
url | Malicious domain |
count | Number of requests |
{"event_type": "High Risk Commands","cmd": "iptables-restore -w 5 --noflush","level": "High-risk","status": "Processing"}
Field name | Description |
cmd | Command content |
level | Threat level |
status | Processing status |
{"event_type": "Local Privilege Escalation","user": "0","process": "Privilege"}
Field name | Description |
user | Privilege escalation user |
process | Privilege escalation process |
{"event_type": "Reverse Shell","process": "mass_0","dst_ip": "125.x.x.220","dst_port": "8888"}
Field name | Description |
process | Process name |
dst_ip | Target host |
dst_port | Target port |
{"event_type": "Java Webshell","type": "Java Webshell - Servlet","pid": "3333","argv": "masstest","class_name": "massTest"}
Field name | Description |
type | Java Webshell type |
pid | Process ID |
argv | Process parameters |
class_name | Java Webshell class name |
{"event_type": "CoreFiles","rule_name": "adwqdadwqd","exe_path": "/usr/bin/systemd-tmpfiles","file_path": "/home","count": "1","level": "High-risk"}
Field name | Description |
rule_name | Hit rule name |
exe_path | Process path |
file_path | File path |
count | Event count |
level | Threat level |
{"event_type": "Network Attacks","src_ip": "129.x.x.166","city": "Nanjing City, Jiangsu Province","vul_name": "showdoc File Upload Vulnerability","dst_port": "80","status": "Attempted Attacks"}
Field name | Description |
src_ip | Source IP |
city | Source city |
vul_name | Vulnerability name |
dst_port | Target port |
status | Attack status |
{"event_type": "Offline Client","offline_hour": "1"}
Field name | Description |
offline_hour | Client offline duration |
{"event_type": "Client Uninstallation"}
{"event_type": "Vulnerability","category": "Linux Software Vulnerabilities","vul_name": "libexpat Code Execution Vulnerability (CVE-2022-40674)","level": "Critical"}
Field name | Description |
category | Vulnerability category |
vul_name | Vulnerability name |
level | Threat level |
{"event_type": "Baseline","category": "Linux System Weak Password Detection","rule_name": "Linux System Weak Password Detection","level": "High-risk"}
Field name | Description |
category | Baseline category |
rule_name | Rule name |
level | Threat level |
{"event_type": "Ransomware Defense","file_path": "/usr/bin/vi"}
Field name | Description |
file_path | File directory |
{"event_type": "Web Tamper Protection (Successful Tampering)","protect_name": "Important File","protect_path": "/tmp","recover_type": "New File Creation","recovered_status": "Not Recovered",}
Field name | Description |
protect_name | Protection name |
protect_path | Protection directory |
recover_type | Event type |
recovered_status | Event status |
{"event_type": "Web Tamper Protection (Recovery Failed)","protect_name": "Important File","protect_path": "/tmp","exception": "Client Offline"}
Field name | Description |
protect_name | Protection name |
protect_path | Protection directory |
exception | Reason for failure |
Apakah halaman ini membantu?
Anda juga dapat Menghubungi Penjualan atau Mengirimkan Tiket untuk meminta bantuan.
masukan