Example: E-mail notification
In this example, IDS detected an intrusion on the local system and sent an e-mail notification to the systems administrator.
The following is an example of an e-mail notification received for a restricted IP options attack:
To: Sysadmin Subject: A possible intrusion, suspicious inbound activity, was detected on sys1234. The following information was gathered about the event: Time of Event: date time Extrusion Type: ATTACK Attack Type: RESTOPT Local IP Address: 224.0.0.l Local Port: 0 Remote IP Address: 9.5.211.4 Remote Port: 0 Protocol: 2 Throttling Active: *NO Discarded Packet Count: 0 Condition ID: 11 Stack: P Event Correlator: 0001 Detection Point ID: 1001 Suspected Packet: X'<long hexadecimal string>' Recovery . . . : For more information on actions you can take to block and impede future suspicious inbound activity, see the Intrusion detection topic in the Security category in the IBM i Information Center.