ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual

IPS Logs

This section describes logs that are generated when traffic matches IPS rules.

Table C-23. Content Filtering and Security Logs: IPS

Message: 2008-12-31 23:59:37 drop TCP 192.168.1.2 3496 192.168.35.165 8081 WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt

Explanation: Logs that are generated when traffic matches IPS rules. The message shows the date and time, action that is taken, protocol, client IP address, client port number, server IP address, server port number, IPS category, and reason for the action.

Recommended Action: None

Port Scan Logs

This section describes logs that are generated when ports are scanned.

Table C-24. Content Filtering and Security Logs: Port Scan

Message: 2008-12-31 23:59:12 192.168.1.10 192.168.35.160 5 10 1 18:188 UDP Portscan

Explanation: Logs that are generated when port scans are detected. The message shows the date and time, client IP address, server IP address, connection number, IP number, port number, port range, and details.

Recommended Action: None
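
The following parser is an added example, not part of the NETGEAR manual. It splits IPS and Port Scan messages into named fields in the order given in the Explanation rows of Tables C-23 and C-24, for use when forwarding these logs to a SIEM or alerting script. The function and field names are hypothetical, and it assumes fields are whitespace-separated, the IPS category is a single token, and the last field is free text.

```python
import ipaddress
from datetime import datetime

# Sample messages copied from Tables C-23 and C-24.
IPS_SAMPLE = ("2008-12-31 23:59:37 drop TCP 192.168.1.2 3496 192.168.35.165 8081 "
              "WEB-CGI Trend Micro OfficeScan CGI password decryption buffer "
              "overflow attempt")
SCAN_SAMPLE = "2008-12-31 23:59:12 192.168.1.10 192.168.35.160 5 10 1 18:188 UDP Portscan"

# Field order follows the Explanation rows; the names themselves are hypothetical.
IPS_FIELDS = ("action", "protocol", "client_ip", "client_port",
              "server_ip", "server_port", "category", "reason")
SCAN_FIELDS = ("client_ip", "server_ip", "connection_number", "ip_number",
               "port_number", "port_range", "details")


def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False


def parse_utm_line(line):
    """Parse one IPS or Port Scan message; raise ValueError if malformed."""
    tokens = line.split()
    if len(tokens) < 3:
        raise ValueError("too few fields")
    ts = datetime.strptime(" ".join(tokens[:2]), "%Y-%m-%d %H:%M:%S")
    # Assumption: a Port Scan message has an IP address right after the
    # timestamp, while an IPS message has the action (for example "drop").
    names = SCAN_FIELDS if _is_ip(tokens[2]) else IPS_FIELDS
    # Limit the split so the free-text last field keeps its spaces.
    body = line.strip().split(None, len(names) + 1)[2:]
    if len(body) != len(names):
        raise ValueError("expected %d fields after the timestamp" % len(names))
    rec = dict(zip(names, body), timestamp=ts,
               kind="portscan" if names is SCAN_FIELDS else "ips")
    for key in ("client_ip", "server_ip"):
        rec[key] = ipaddress.ip_address(rec[key])  # ValueError if not an IP
    for key in ("client_port", "server_port"):
        if key in rec:
            rec[key] = int(rec[key])
            if not 0 <= rec[key] <= 65535:
                raise ValueError("port out of range: " + key)
    return rec
```

Truncated or corrupted lines raise ValueError, so a log forwarder can count and quarantine them instead of storing partially parsed records.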

 

 

Instant Messaging/Peer-to-Peer Logs

This section describes logs that are generated when the UTM filters instant messaging and peer-to-peer traffic.

Table C-25. Content Filtering and Security Logs: Instant Messaging/Peer-to-Peer

Message: 2008-12-31 23:59:31 0 block 1 8800115 2 TCP 192.168.1.2 543 65.54.239.210 1863 MSN login attempt

Explanation: Logs that are generated when an IM/P2P traffic violation occurs. The message shows the date and time, action that is taken, protocol, client IP address, client port number, server IP address, server port number, IM/P2P category, and reason for the action.

Recommended Action: None

System Logs and Error Messages


v1.0, September 2009

NETGEAR UTM25EW-100NAS, UTM25-100NAS, UTM10EW-100NAS manual IPS Logs, Port Scan Logs, Instant Messaging/Peer-to-Peer Logs