Detailed information about ports opening

To view detailed information about ports opening:

1. Click anywhere in the row of a Listening on ports event in the table of security events in the Investigation → Forensic data → Container forensic section.
2. In the sidebar that opens, go to the Information tab.

   Kaspersky Container Security displays the following information:

   • The General information section contains general information:
     • Date and time when the port opening was detected.
     • The port that was opened.
     • IP address of the object.
     • Path to the file or directory in the file system of the host server where the executable file is located.
     • Runtime policy mode.
   • The Location details section contains the following information about the container where the process was started:
     • Container ID and name.
     • Image name and digest. You can open the page with image scan results by clicking the name of the relevant image.

       To view the results of an image scan, you need the rights to view image scan results. You also need access to the scope for the clusters.

     • Pod name and labels. You can display pod details by clicking the name of the pod.

       Viewing and managing cluster resources requires the corresponding rights. You also need access to the corresponding scope.

     • Namespace name.
     • Cluster name.
     • Host name and IP address.
   • The Process section contains the following data about the running process:
     • Parent Process Identifier (PPID).
     • Process Identifier (PID) and the new PID.
     • Effective User Identifier (EUID).

Page top