Worm Catcher

A worm is a self-replicating malware (malicious software) that propagates by actively sending itself to new machines. Some worms propagate by using security vulnerabilities in the HTTP protocol.

You can specify how HTTP-based worm attacks should be handled.

Worm Catcher Fields

In this field…	Do this…
Action	Specify what action to take when an HTTP-based worm attack is detected, by selecting one of the following: Block. Block the attack. None. No action. This is the default.
Track	Specify whether to log HTTP-based worm attacks, by selecting one of the following: Log. Log the attack. None. Do not log the attack. This is the default.
HTTP-based worm patterns list	Select the worm patterns to detect.

In this field…

Do this…

Action

Specify what action to take when an HTTP-based worm attack is detected, by selecting one of the following:

Block. Block the attack.
None. No action. This is the default.

Track

Specify whether to log HTTP-based worm attacks, by selecting one of the following:

Log. Log the attack.
None. Do not log the attack. This is the default.

HTTP-based worm patterns list

Select the worm patterns to detect.