Administration Guide
Page 179
...network packet or packets that relies on the observed network behavior of a specific tool or tools. Matches trigger an alert, while failure to uniquely identify it. Detecting 179 Configuring signature detection To delete port mappings 1 In the Network Security... Do not remove any PAD detection that carry the threat. These patterns are seen together. Caution: Removing a port mapping... About Symantec signatures ■ About user-defined signatures ■ Managing signatures About Symantec signatures Symantec Network Security uses network pattern matching, or signatures, to...
...network packet or packets that relies on the observed network behavior of a specific tool or tools. Matches trigger an alert, while failure to uniquely identify it. Detecting 179 Configuring signature detection To delete port mappings 1 In the Network Security... Do not remove any PAD detection that carry the threat. These patterns are seen together. Caution: Removing a port mapping... About Symantec signatures ■ About user-defined signatures ■ Managing signatures About Symantec signatures Symantec Network Security uses network pattern matching, or signatures, to...
Administration Guide
Page 240
... only flows that pertain to either a source IP or a destination IP. 3 In Match Source and Destination, you can then use the Traffic Playback Tool to replay and scrutinize the records of any column. 240 Reporting Playing recorded traffic ■ Match Source or Destination: This will make a broader query... query, enter data in the following fields: ■ Source or Destination IP: Numeric IP address ■ Port: Valid port number Note: The Network Security console displays the flow data in its entirety. ■ Click Clear to stop the active query and remove the results from display.
... only flows that pertain to either a source IP or a destination IP. 3 In Match Source and Destination, you can then use the Traffic Playback Tool to replay and scrutinize the records of any column. 240 Reporting Playing recorded traffic ■ Match Source or Destination: This will make a broader query... query, enter data in the following fields: ■ Source or Destination IP: Numeric IP address ■ Port: Valid port number Note: The Network Security console displays the flow data in its entirety. ■ Click Clear to stop the active query and remove the results from display.
Administration Guide
Page 241
... View > Show Session Window. 7 Return to Symantec Packet Replay Tool, and click Go. The record of events is displayed as follows: ■ To adjust your view of Recorded Events, click Column. ■ To remove events you can display the flow or delete the event. Note: SuperUsers can replay ... of Selected Record, click a row corresponding to a flow, then click Playback. 5 In Packet Replay Tool, view the detailed packet data, one packet at a time. 6 To view all packet data in two ways: from the Query button or from the Incidents tab on the main menu of the Network Security console.
... View > Show Session Window. 7 Return to Symantec Packet Replay Tool, and click Go. The record of events is displayed as follows: ■ To adjust your view of Recorded Events, click Column. ■ To remove events you can display the flow or delete the event. Note: SuperUsers can replay ... of Selected Record, click a row corresponding to a flow, then click Playback. 5 In Packet Replay Tool, view the detailed packet data, one packet at a time. 6 To view all packet data in two ways: from the Query button or from the Incidents tab on the main menu of the Network Security console.