Shulou(Shulou.com)06/01 Report--

At present, there is no good localization solution for Ossim's Web UI, which brings some trouble to many beginners of Ossim, especially those who are not good at English. Here are some notes in English and Chinese, which are constantly improving. I hope it will be helpful to you in the process of learning.

Action action

Actions on Objectives harvesting

Alert Alert (lower level)

Alarm warning

Antivirus antivirus (antivirus)

Antispyware counter-espionage

Audit audit

Availability availability

Agent Program agent program

APT Advanced Persistant Threat highly persistent threat

Awareness consciousness

Authorizing Official authorized officer

Brute Force brute force cracking, some are also called brute force cracking

BotNet botnet

Baseline baseline, benchmark

Baselining benchmarking

Checksum checksum

General Common Criteria guidelines

Compliance complianc

Damage or damage to Compromised

Credential credential

Incident emergency

Detector detector

Delivery delivery

Exploitation *

Monitors monitor

Defense in depth defense in depth

Event event

Event Field event field

Event record event logging

Correlation association

Event Correlation event correlation

Event Normalization event standardization

Installation implantation

Misconfiguration discovers configuration errors with Ossim

Sometimes vulnerabilities are caused by outdated protocols, but sometimes vulnerabilities are caused by administrator negligence or configuration errors, such as running a low-version web server program, opening illegal ports on firewalls, and so on. All these can lead to loopholes.)

Reconnaissance step on the spot

Obsverable: behavior that can be observed. Is the most basic information in threat intelligence. For example, the damage to the system and so on.

Analysis of Network Behavioral Analysis Network behavior

Vulnerabilities vulnerability

Vulnerable Protocols's fragile protocol

Vulnerable network protocols's fragile network protocol

Vulnerability Assessment Data vulnerability assessment data

Vulnerability Assessment VA vulnerability assessment for short

Recognizing Attacks on the IT Systems identifies * on the IT system. No matter inside or outside the network, many * behavior features can be discovered by the administrator. When some suspicious events occur, ossim will notify the administrator to pay attention.

The word Exploits is the meaning of exploitation, which mainly represents the meaning of vulnerability exploitation.

Viruses virus

Log log

Logging logging

Application debug logging application debug logging

ThreatActor threat source

Rascal software (Rogue software) rogue software

Rogue security software rogue security software is also known as "intimidation software"

Destination IP address destination IP address

UnKnown port unknown port

Unexpected/atypical protocols unexpected / atypical protocol

Regulatory Compliance complies with laws and regulations

Data Security Standard of Payment Card Industry Data Security Standard-PCI DSS payment Card Industry

Implement Environmental (Physical) and Operational Security implementation environment (including physical) and operational security

Categorize classification

Protect Sensitive IT Assets (Systems and Data) protects sensitive IT assets (systems and data)

Worms worm

Ip spoofing from the outside's IP spoofing from outside

Distributed Denial-of-Service (DDoS) distributed denial of service *

Buffer Overflow buffer overflow

SQL Injection Attacks SQL injection *

Information context situational information

Scalability scalability

Individual case analysis individual event analysis

......

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.