(1) The host displays the IP address of the host under the device at that time. When the number of hosts exceeds 100 IPs, the addresses will be displayed in segments according to the mask. Click to enter the hosts in the detectable segment. The IP address of each host is also a hyperlink. Click to enter the host status setting page 2) Bandwidth displays the ingress and egress bandwidth occupancy of the host, in Mbps. Note: If a host attacks with a fake source address (such as SYNFlood), because its source address is fake, the device cannot locate the detailed machine, but will only be displayed in the total traffic. 3) The frequency shows the frequency of the host being attacked. Now it is mainly calculated as the frequency of SYN packets, the frequency of ACK packets, the frequency of UDP packets, the frequency of ICMP packets, the frequency of FRAG packets, the frequency of NonIP packets, the frequency of NewTCP connections and the NewUDP connection. 4) Connections Display the number of connections established by the external host with the host (in), the number of connections established by the host with the outside world (out), and UDP connections. The number of in connections far exceeding the normal value indicates that the host may be subject to proxy/proxy attacks, such as CC attacks, etc. Please set the corresponding protection mode or connect to the after-sales technical support of Golden Shield. 5) The protection mode displays the current traffic map of the host, and the status of the host is also displayed on the left, as shown in the following figure:)