After network attacks occur, Security Center presents and analyzes the attacks on your assets. This allows you to construct a protection system at a finer-grained level. This topic describes the best practices for tracing attacks.



  1. Log on to the ECS instance as the root user over SSH. In this example, the instance is used as a test server.
  2. Run the curl | sh command to insert a mining program to the server.
    After the command is executed, wait for 3 minutes before you perform the next step.
  3. Log on to the Security Center console.
  4. In the left-side navigation pane, choose Detection > Alerts.
  5. On the Alerts page, view the alert on the mining program.
  6. Click the alert name to view details.
  7. Click the Diagnosis tab to view the tracing information in the alert.
    Note You can view the tracing information only 10 minutes after you perform Step 2. For more information, see Use the attack source tracing feature.