Table of Contents
Advertisement
IPS Logs
This section describes logs that are generated when traffic matches IPS rules.
Table C-23. Content Filtering and Security Logs: IPS
Message
Explanation
Recommended Action
Port Scan Logs
This section describes logs that are generated when ports are scanned.
Table C-24. Content Filtering and Security Logs: Port Scan
Message
Explanation
Recommended Action
Instant Messaging/Peer-to-Peer Logs
This section describes logs that are generated when the UTM filters instant messaging and peer to
peer traffic.
Table C-25. Content Filtering and Security Logs: Instant Messaging/Peer-to-Peer
Message
Explanation
Recommended Action
System Logs and Error Messages
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
2008-12-31 23:59:37 drop TCP 192.168.1.2 3496
192.168.35.165 8081 WEB-CGI Trend Micro OfficeScan CGI password
decryption buffer overflow attempt
Logs that are generated when traffic matches IPS rules. The message shows
the date and time, action that is taken, protocol, client IP address, client port
number, server IP address, server port number, IPS category, and reason for
the action.
None
2008-12-31 23:59:12 192.168.1.10 192.168.35.160 5 10 1
18:188 UDP Portscan
Logs that are generated when port scans are detected. The message shows
the date and time, client IP address, server IP address, connection number, IP
number, port number, port range, and details.
None
2008-12-31 23:59:31 0 block 1 8800115 2 TCP 192.168.1.2 543
65.54.239.210 1863 MSN login attempt
Logs that are generated when an IM/P2P traffic violation occurs. The message
shows the date and time, action that is taken, protocol, client IP address, client
port number, server IP address, server port number, IM/P2P category, and
reason for the action.
None
v1.0, January 2010
C-15
Advertisement
Table of Contents
Troubleshooting
