SmartDefense Categories
Chapter 13: Using SmartDefense 417
Table 91: Worm Catcher Fields
In this field… Do this…
Action Specify what action to take when an HTTP-based worm attack is
detected, by selecting one of the following:
• Block. Block the attack.
• None. No action. This is the default.
Track Specify whether to log HTTP-based worm attacks, by selecting one of
the following:
• Log. Log the attack.
• None. Do not log the attack. This is the default.
HTTP-based worm
patterns list
Select the worm patterns to detect.
Microsoft Networks
This category includes File and Print Sharing.
Microsoft operating systems and Samba clients rely on Common Internet File System
(CIFS), a protocol for sharing files and printers. However, this protocol is also widely used
by worms as a means of propagation.
You can configure how CIFS worms should be handled.
To Next Page