> ## Documentation Index > Fetch the complete documentation index at: https://docs.abusix.com/llms.txt > Use this file to discover all available pages before exploring further. # Open Event Subtypes Reference > Reference of Open event subtypes for services that are unexpectedly open or exposed Open events represent services that are unexpectedly open or exposed in Guardian Ops abuse classification. Each open event signifies the existence of open ports, with the corresponding subtypes providing details about the services associated with these open ports. This reference provides a comprehensive list of all supported Open subtypes, organized by category for easy navigation. ## Network Services Services related to network infrastructure and proxy functionality: * `socks` Traffic related to the SOCKS protocol, often used for proxy services * `proxy` Communication involving proxy servers, intermediaries that facilitate network connections * `router` Activity associated with routers, devices directing traffic between networks * `vpn` Interactions with Virtual Private Network services ## Database Services Database systems and data storage services: * `redis` Interactions with Redis, an open-source, in-memory data structure store * `mongodb` Traffic related to MongoDB, a NoSQL database * `elasticsearch` Activity involving Elasticsearch, a distributed search and analytics engine * `mssql` Traffic associated with Microsoft SQL Server or MySQL databases * `mysql` MySQL database services * `postgresql` Traffic related to PostgreSQL database services * `couchdb` Activities associated with CouchDB, a NoSQL database * `db2` Traffic associated with IBM Db2 database services ## File/Directory Services File transfer, synchronization, and directory services: * `portmapper` Communication with portmapper services, facilitating RPC-based interactions * `tftp` Traffic related to Trivial File Transfer Protocol, a simple file transfer protocol * `ftp` Communication involving File Transfer Protocol for file exchanges * `rsync` Traffic related to rsync, a file synchronization tool * `smb` Interactions with Server Message Block protocol for file and printer sharing * `afp` Traffic associated with Apple Filing Protocol, used for Mac file services * `directory_listing` Traffic related to directory listing services ## Remote Access Services Remote access and administration protocols: * `rdp` Activities associated with Remote Desktop Protocol for remote access * `vnc` Traffic involving Virtual Network Computing for remote desktop access * `telnet` Communication with Telnet services for remote command-line access * `ssh` Communication involving Secure Shell protocol for secure access * `radmin` Traffic related to Radmin, a remote administration software * `citrix` Communication with Citrix servers for virtualization and remote access ## Web/HTTP Services Web servers and HTTP-related services: * `http` Communication involving Hypertext Transfer Protocol for web services * `apache_server` Activities associated with Apache web servers * `ssl` Traffic related to secure communication using SSL/TLS protocols * `tls` Traffic related to secure communication using SSL/TLS protocols ## Mail Services Email servers and mail protocols: * `mail_server` Traffic involving mail servers for email communication * `imap` Interactions with IMAP or POP3 protocols for email retrieval * `pop3` Interactions with IMAP or POP3 protocols for email retrieval ## DNS Services Domain Name System resolution services: * `dns_resolver` Communication with DNS resolvers for domain name resolution * `mdns_resolver` Interactions with mDNS resolvers, facilitating device discovery ## Management/Monitoring Services Network management and monitoring protocols: * `snmp` Traffic associated with Simple Network Management Protocol, used for network monitoring * `ipmi` Traffic related to Intelligent Platform Management Interface, used for server management * `ldap` Interactions with Lightweight Directory Access Protocol services * `cwmp` Activities associated with CPE WAN Management Protocol for device management ## Industrial/IoT Services Industrial control systems and Internet of Things protocols: * `ics` Traffic involving Industrial Control Systems protocols * `modbus` Traffic involving Modbus protocol for industrial communication * `bacnet` Traffic related to BACnet protocol for building automation and control networks * `coap` Traffic related to Constrained Application Protocol for IoT * `mqtt` Traffic involving MQTT, a lightweight messaging protocol for IoT ## Network Time Time synchronization services: * `ntp` Interactions with Network Time Protocol servers, synchronizing system clocks ## Media/Messaging Services Multimedia and messaging protocols: * `netbios` Communication with NetBIOS services, often used for file sharing * `sip` Communication involving Session Initiation Protocol for multimedia sessions * `stun` Interactions with Session Traversal Utilities for NAT protocols * `amqp` Interactions with Advanced Message Queuing Protocol services ## Specialized Services Enterprise applications, development tools, and specialized protocols: * `ard` Communication with Apple Remote Desktop services * `ipp` Activities involving Internet Printing Protocol for printer communication * `xdmcp` Activities related to X Display Manager Control Protocol for remote display * `adb` Activities involving Android Debug Bridge for Android device interactions * `chargen` Traffic related to the Character Generator Protocol * `memcached` Interactions with Memcached, an in-memory caching system * `natpmp` Communication with NAT Port Mapping Protocol for network address translation * `qotd` Traffic related to the Quote of the Day Protocol * `ssdp` Interactions with Simple Service Discovery Protocol for device discovery * `isakmp` Activities associated with Internet Security Association and Key Management Protocol * `hadoop` Communication with Hadoop services for distributed storage and processing * `cisco_smart_install` Activities related to Cisco Smart Install protocol * `grafana` Interactions with Grafana, an open-source analytics and monitoring platform * `bitbucket` Communication with Bitbucket servers for source code management * `gitlab_server` Traffic involving GitLab servers for source code management * `ubiquiti` Interactions with Ubiquiti network devices * `smi` Activities associated with Structure of Management Information protocol * `bosmon` Traffic related to BosMon, a monitoring system for emergency services * `ms_exchange` Communication with Microsoft Exchange servers for email services * `ms_sharepoint` Communication with Microsoft SharePoint servers * `ms_rpc` Microsoft RPC services * `secvest_alarm_system` Activities involving Secvest Alarm System protocols * `kubernetes_api_server` Communication with Kubernetes API servers * `epmd` Interactions with Erlang Port Mapper Daemon services * `quic` Communication involving QUIC (Quick UDP Internet Connections) protocol * `docker` Traffic related to Docker, a containerization platform * `dvr` Activities related to Digital Video Recorder services * `hp_ilo` Communication with Hewlett Packard Integrated Lights-Out management * `smarter_mail_server` Interactions with SmarterMail servers for email services * `log4j` Traffic related to Log4j, a Java-based logging utility * `zimbra_server` Communication with Zimbra Collaboration Suite servers * `sap` Activities involving SAP (Systems, Applications, and Products) services * `qnap` Communication with QNAP network-attached storage devices * `confluence` Interactions with Confluence servers for collaboration and documentation * `sophos` Traffic involving Sophos security solutions * `h2_web_console` Communication with H2 Database web consoles * `fortigate` Interactions with Fortigate, a network security appliance * `ivanti` Activities associated with Ivanti endpoint management solutions * `mc_sqlr` Activities associated with Microsoft SQL Server *** ## Related Resources * [Event Types Reference](/docs/guardian-ops/reference/event-types) * [Getting Started with Guardian Ops](/docs/guardian-ops/getting-started) * [Cases](/docs/guardian-ops/cases) * [Glossary](/docs/guardian-ops/reference/glossary)