Kerio-tech Firewall6 Manual do Utilizador descarregar pdf (Página 307)

100

101

22.12 Sslvpn Log

307

Example 1

[17/Jul/2008 11:55:14] FTP: Bounce attack attempt:

client: 1.2.3.4, server: 5.6.7.8,

command: PORT 10,11,12,13,14,15

(attack attempt detected — a foreign IP address in the PORT command)

Example 2

[17/Jul/2008 11:56:27] FTP: Malicious server reply:

client: 1.2.3.4, server: 5.6.7.8,

response: 227 Entering Passive Mode (10,11,12,13,14,15)

(suspicious server reply with a foreign IP address)

3. Failed user authentication log records

Message format:

Authentication: <service>: Client: <IP address>: <reason>

• <service> — The WinRoute service to which the user attempted to authenti-

cate (Admin = administration using Kerio Administration Console, WebAdmin = web

administration interface, WebAdmin SSL = secure web administration interface,

Proxy = proxy server user authentication)

• <IP address> — IP address of the computer from which the user attempted to

authenticate

• <reason> — reason of the authentication failure (nonexistent user / wrong pass-

word)

Note: For detailed information on user quotas, refer to chapters 15.1 and 10.1.

4. Information about the start and shutdown of the WinRoute Firewall Engine

a) Engine Startup:

[17/Dec/2008 12:11:33] Engine: Startup.

b) Engine Shutdown:

[17/Dec/2008 12:22:43] Engine: Shutdown.

22.12 Sslvpn Log

In this log, operations performed in the Clientless SSL-VPN interface are recorded. Each log

line provides information about an operation type, name of the user who performed it and ﬁle

associated with the operation.

1 2 ... 302 303 304 305 306 307 308 309 310 311 312 ... 403 404

Comentários a estes Manuais

Sem comentários

Kerio-tech Firewall6 Manual do Utilizador Página 307

Comentários a estes Manuais