Ips Logs; Port Scan Logs; Application Logs - NETGEAR UTM5 Reference Manual

ProSecure Unified Threat Management (UTM) Appliance

IPS Logs

This section describes logs that are generated when traffic matches IPS rules.
Table 177. Content-filtering and security logs: IPS
Message
Explanation
Recommended Action

Port Scan Logs

This section describes logs that are generated when ports are scanned.
Table 178. Content-filtering and security logs: port scan
Message
Explanation
Recommended Action

Application Logs

This section describes logs that are generated when the UTM filters application traffic.
Table 179. Content-filtering and security logs: applications
Message
Explanation
Recommended Action
2008-12-31 23:59:37 drop TCP 192.168.1.2 3496 192.168.35.165 8081 WEB-CGI
Trend Micro OfficeScan CGI password decryption buffer overflow attempt
Logs that are generated when traffic matches IPS rules. The message shows the
date and time, the action that is taken, protocol, client IP address, client port
number, server IP address, server port number, IPS category, and reason for the
action.
None.
2008-12-31 23:59:12 192.168.1.10 192.168.35.160 5 10 1 18:188 UDP Portscan
Logs that are generated when port scans are detected. The message shows the
date and time, client IP address, server IP address, connection number, IP number,
port number, port range, and details.
None.
2008-12-31 23:59:31 0 block 1 8800115 2 TCP 192.168.1.2 543 65.54.239.210
1863 MSN login attempt
Logs that are generated when an IM/P2P traffic violation occurs. The message
shows the date and time, the action that is taken, protocol, client IP address, client
port number, server IP address, server port number, IM/P2P category, and reason
for the action.
None.
System Logs and Error Messages
611