U&M Weekly Report - InvestLinux – 01/10/2012
Uptime / Last OK
Disk Space OK
Dmesg OK
Logs OK
Antivirus DAT OK
Top - Memory / Processes / Load OK
Processes OK
Open TCP/UDP Ports OK
MRTG - Traffic OK
MRTG - Processor OK
Ipaudit Daily OK
Ipaudit Weekly OK
Squid Reports - TopSites OK
Squid Reports - TopUsers OK
Nagios - HTTP Availability 100,00%
Nagios - SMTP Availability 100,00%
Uptime / Last
Uptime (server online time), Last (remote connections)
[root@uem-gw]# uptime
09:39:20 up 7 days, 1:11, 1 user, load average: 0.62, 0.47, 0.39
[root@uem-gw]# last | sort -k 3 | more
wtmp begins Mon Oct 1 09:39:15 2012
il-adm pts/0 vps.investlinux. Mon Oct 1 09:39 still logged in
Disk Space
[root@uem-gw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 25G 12G 69% /
varrun 1014M 252K 1014M 1% /var/run
varlock 1014M 0 1014M 0% /var/lock
udev 1014M 52K 1014M 1% /dev
devshm 1014M 0 1014M 0% /dev/shm
/dev/sdb1 50G 19G 29G 40% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.105/Pessoal 20G 16G 4,3G 79% /ftp/Pessoal
//192.168.0.105/Public 200G 162G 39G 81% /ftp/Public
//192.168.0.105/Restrito 200G 162G 39G 81% /home/Restrito
//192.168.0.100/CorporeRM 47G 20G 27G 43% /home/ponto
//192.168.0.105/BKP-linux 30G 16G 15G 52% /backup-remoto
Dmesg
Dmesg – Console alerts (possible disk, network, or general hardware errors)
- No relevant information -
Logs
Superficial check of system logs: ( syslog(tmsys) / secure(tms) / squid(tmsq) )
Antivirus DAT
[root@uem-gw]# freshclam
ClamAV update process started at Mon Oct 1 09:42:09 2012
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.5 Recommended version: 0.97.6
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 15420, sigs: 275602, f-level: 63, builder: guitar)
bytecode.cld is up to date (version: 190, sigs: 36, f-level: 63, builder: neo)
Previous week:
ClamAV update process started at Mon Sep 24 13:58:26 2012
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 15397, sigs: 268228, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 190, sigs: 36, f-level: 63, builder: neo)
Top - Memory / Processes / Load
- No relevant information -
Processes
- No relevant information -
Open TCP/UDP Ports
[root@uem-gw]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 localhost:60000 *:* LISTEN 6846/postgrey.pid -
tcp 0 0 *:10050 *:* LISTEN 9156/zabbix_agentd
tcp 0 0 192.168.0.1:5666 *:* LISTEN 7229/nrpe
tcp 0 0 *:rsync *:* LISTEN 7421/rsync
tcp 0 0 localhost:mysql *:* LISTEN 6726/mysqld
tcp 0 0 *:webmin *:* LISTEN 9186/perl
tcp 0 0 *:81 *:* LISTEN 7739/apache2
tcp 0 0 *:ftp *:* LISTEN 10433/proftpd: (acc
tcp 0 0 10.0.0.29:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.27:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.25:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.23:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.21:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.19:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.17:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.15:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.13:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.11:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.9:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.7:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.3:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.5:domain *:* LISTEN 6250/named
tcp 0 0 10.0.0.1:domain *:* LISTEN 6250/named
tcp 0 0 200.199.9.234:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.28:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.29:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.12:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.50:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.11:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.10:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.9:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.8:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.7:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.6:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.4:domain *:* LISTEN 6250/named
tcp 0 0 200.243.57.3:domain *:* LISTEN 6250/named
tcp 0 0 correio.uem.com.:domain *:* LISTEN 6250/named
tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 6250/named
tcp 0 0 192.168.0.2:domain *:* LISTEN 6250/named
tcp 0 0 192.168.0.1:domain *:* LISTEN 6250/named
tcp 0 0 localhost:domain *:* LISTEN 6250/named
tcp 0 0 *:ssh *:* LISTEN 6566/sshd
tcp 0 0 *:3128 *:* LISTEN 32458/(squid)
tcp 0 0 *:smtp *:* LISTEN 7400/master
tcp 0 0 localhost:953 *:* LISTEN 6250/named
tcp 0 0 *:1723 *:* LISTEN 7408/pptpd
tcp 0 0 *:smtp *:* LISTEN 7400/master
tcp 0 0 localhost:953 *:* LISTEN 6250/named
tcp 0 0 *:1723 *:* LISTEN 7408/pptpd
tcp6 0 0 [::]:rsync [::]:* LISTEN 7421/rsync
tcp6 0 0 [::]:domain [::]:* LISTEN 6250/named
tcp6 0 0 [::]:ssh [::]:* LISTEN 6566/sshd
tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 6250/named
Note: In the fourth column, the command shows, where possible, the service name after the “:” character.
root@uem-gw:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 6846/postgrey.pid -
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 9156/zabbix_agentd
tcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 7229/nrpe
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 7421/rsync
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 6726/mysqld
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 9186/perl
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 7739/apache2
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 10433/proftpd: (acc
tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.199.9.234:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.28:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.29:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.12:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 192.168.0.2:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 6250/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 6566/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 32458/(squid)
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 7400/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 6250/named
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7408/pptpd
tcp6 0 0 :::873 :::* LISTEN 7421/rsync
tcp6 0 0 :::53 :::* LISTEN 6250/named
tcp6 0 0 :::22 :::* LISTEN 6566/sshd
tcp6 0 0 ::1:953 :::* LISTEN 6250/named
Note: In the fourth column, the command shows the service port after the “:” character.
MRTG - Traffic*
Internet – eth1
Embratel Router
Oi Link – eth2
VPN Yamana – tun1
VPN Juruti
VPN Rio Capim – tun4
VPN Zambia – tun6
VPN Carajás – tun7
Jangada Router – 189.52.77.26
UeM ADM – CPU Utilization
UeM ADM – Load
UeM GW – CPU Utilization
UeM GW – Load
*The graphs were compared with those of the previous week. In case of a significant change, the possible problem is analyzed and reported as a note below the graph. Graphs without comments were considered normal. If you would like an analysis of a specific graph, just request it.
Ipaudit Daily
- No relevant information -
Ipaudit Weekly (Top 10)
IP Host Name Incoming(bytes) Outgoing(bytes) Total(bytes)
200.243.057.005 uemnotes.uem.com.br 7,830,873,525 22,787,465,628 30,618,339,153
200.243.057.002 correio.uem.com.br 17,710,066,530 1,914,075,153 19,624,141,683
200.243.057.008 - 8,443,170,702 2,074,712,306 10,517,883,008
192.168.000.001 - 1,000,285,523 7,404,427,355 8,404,712,878
200.243.057.011 - 4,438,911,785 2,447,343,355 6,886,255,140
192.168.000.103 uemnotes.uem.com.br 1,849,508,783 4,111,362,315 5,960,871,098
192.168.000.107 uemantspam.uem.com.br 1,945,185,966 610,656,338 2,555,842,304
192.168.000.172 uemmbb45.uem.com.br 1,732,639,100 510,344,510 2,242,983,610
192.168.000.161 - 1,070,284,902 39,867,372 1,110,152,274
192.168.000.011 uemmbb53.uem.com.br 842,792,808 156,638,387 999,431,195
Squid Reports Weekly – 23/09/2012 to 30/09/2012
Squid Reports – TopSites
NUM ACCESSED SITE CONNECT BYTES TIME
1 s.glbimg.com 298.46K 1.03G 62.67M
2 s2.glbimg.com 215.63K 841.63M 64.19M
3 osce80-en.url.trendmicro.com 185.86K 126.49M 72.77M
4 au.download.windowsupdate.com 81.22K 4.22G 208.51M
5 mail.yimg.com 67.48K 161.93M 4.81M
6 www.google-analytics.com 63.48K 53.58M 6.25M
7 download.windowsupdate.com 52.63K 1.08G 59.54M
8 ads.img.globo.com 46.90K 208.82M 25.27M
9 www.google.com.br 44.96K 592.95M 58.40M
10 clients1.google.com.br 42.31K 32.59M 8.51M
11 ads.globo.com 37.22K 34.08M 2.60M
12 p2.trrsf.com.br 30.82K 52.17M 2.48M
13 h.imguol.com 28.81K 76.28M 4.88M
14 pagead2.googlesyndication.com 27.53K 281.95M 32.49M
15 api.globo.com 25.52K 25.71M 2.04M
16 googleads.g.doubleclick.net 25.04K 65.58M 7.21M
17 ads.imguol.com 24.27K 11.05M 830.91K
18 www.livehelpnow.net 23.46K 30.96M 7.69M
19 imgcdn.ptvcdn.net 22.80K 33.97M 33.97M
20 oss-content.securestudies.com 22.60K 6.46M 10.21M
Squid Reports – TopUsers
Squid Reports – Attempts to Access Improper Sites
SITE ACCESSED IP
www.2girlsteachsex.com 192.168.12.141
www.acompanhantesgyn.com.br 192.168.13.184
www.assistatvonline.com 192.168.10.230
www.assistirtv.tv 192.168.16.103
www.assistirtvonlinegratis.tv 192.168.10.230
www.ebuddy.com 192.168.0.17
www.famosas-nuas.net 192.168.8.172
www.gatasemgoiania.com.br 192.168.0.67 192.168.10.203 192.168.16.109
www.livrequente.com 192.168.13.150
www.nudeandhairy.com 192.168.8.183
www.nudevista.com 192.168.13.150
www.prettyhotandsexy.com 192.168.8.145
www.sexbh.com.br 192.168.16.103
www.sexbiffen.dk 192.168.13.150
www.sexo.com 192.168.13.155
www.sexolandia.org 192.168.13.109
www.sexolicious.com 192.168.10.242
www.sexybuttpics.com 192.168.12.184
www.socialsex.biz 192.168.12.203
Note 1: The expression “www.livrequente” was added to the file /etc/squid/site_proibido.txt in order to block access to related sites.
Trend Micro - InterScan Messaging Security Suite
SYSTEM DATA
NAME CURRENT VERSION AVAILABLE PREVIOUS VERSION
Scan engine 9.500.1005 9.500.1005 9.500.1005
Virus pattern 9.433.00 9.433.00 9.419.00
Spyware/grayware pattern 1.329.00 1.329.00 1.329.00
IntelliTrap pattern 0.167.00 0.167.00 0.167.00
IntelliTrap exceptions 0.805.00 0.805.00 0.803.00
Anti-spam engine 6.800.1017 6.800.1017 6.800.1017
Spam pattern 19226.001 19226.001 19208.001
URL Filtering Engine 3.500.1047 3.000.1029 3.500.1047
CHARTS – PERIOD 23/09/2012 TO 29/09/2012
Scanning Conditions Total Message % Incoming Outgoing
Total message count 102313 100.00 97308 5005
Virus or malicious code 7 0.01 7 0
Spyware/grayware 0 0.00 0 0
Spam 14366 14.04 14327 39
Phish 38 0.04 38 0
Suspicious URLs - Web Reputation 1 0.00 1 0
DKIM enforcement 0 0.00 0 0
Attachment 0 0.00 0 0
Size 103 0.10 82 21
Content 172 0.17 159 13
Compliance 0 0.00 0 0
Others 0 0.00 0 0
Scanning exceptions 1 0.00 0 1
Spam Tagged by Cloud Pre-Filter 0 0.00 0 0
IP Profiler 15 0.01 15 0
Email reputation 55092 53.85 55092 0
Clean email 32518 31.78 27587 4931
Trend Micro Email Encryption 0 0.00 0 0
Spam by Action
Spam Actions Detections Message % Size (MB)
Total spam message count 69473 100.00 282.096
Quarantined 14366 20.68 282.096
Deleted 0 0.00 0.000
Tagged 14365 20.68 282.093
Other 0 0.00 0.000
Rejected by Email reputation 55092 79.30 N/A
Rejected by IP Profiler 15 0.02 N/A
Top 10 Spam Recipients
Recipient Total Message Count Total Spam Msgs Spam Msgs % Spam Size (MB) Spam Size %
[email protected] 557 315 56.55 5.268
[email protected] 552 314 56.88 14.197
[email protected] 1034 301 29.11 6.494
[email protected] 458 292 63.76 7.966
[email protected] 364 255 70.05 4.808
[email protected] 276 250 90.58 4.944
[email protected] 600 248 41.33 3.381
[email protected] 435 230 52.87 4.686
[email protected] 379 229 60.42 4.474 35.02
[email protected] 406 212 52.22 4.989 43.67
Virus and Malicious Code Summary
Detections Message %
Total detections 7 100.00
Messages deleted 0 0.00
Messages quarantined 7 100.00
Attachments cleaned 0 0.00
Messages with attachments deleted 6 85.71
Messages blocked by IP Profiler 0 0.00
Top 10 Virus and Malicious Code Detections
1 Possible_Virus 6
2 PAK_Generic.005 1
3 N/A 0
4 N/A 0
5 N/A 0
6 N/A 0
7 N/A 0
8 N/A 0
9 N/A 0
10 N/A 0
Top 10 Virus Recipients
Recipient Total Message Count Total Virus Msgs Virus Msgs % Virus Size (MB) Virus Size %
[email protected] 72 1 1.39 0.076
[email protected] 114 1 0.88 0.076
[email protected] 68 1 1.47 0.076
[email protected] 48 1 2.08 0.076
[email protected] 21 1 4.76 0.076
[email protected] 114 1 0.88 0.252
[email protected] 9 1 11.11 0.076 3.89
8 N/A 0 0 0.00 0.000 0.00
9 N/A 0 0 0.00 0.000 0.00
10 N/A 0 0 0.00 0.000 0.00
CACTI – Graphs
Period from 24/09/2012 to 01/10/2012
UEMFS
UEMICA
UEMNOTES
UEMPRD
UEMRMSA
Nagios
Availability – last 7 days
Host  Service  % Time OK  % Time Warning  % Time Unknown  % Time Critical  % Time Undetermined
internet_embratel  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
internet_oi  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
link-carajas  Rede_Ping  99.672% (99.672%)  0.049% (0.049%)  0.000% (0.000%)  0.279% (0.279%)  0.000%
link-ebt-jangada  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
link-jangada  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
link-juruti  Rede_Ping  99.613% (99.613%)  0.000% (0.000%)  0.000% (0.000%)  0.387% (0.387%)  0.000%
uem1_Rede_Ping  99.869% (99.869%)  0.000% (0.000%)  0.000% (0.000%)  0.131% (0.131%)  0.000%
link-riocapim  Rede_Ping  99.808% (99.808%)  0.000% (0.000%)  0.000% (0.000%)  0.192% (0.192%)  0.000%
uem1_Rede_Ping  99.919% (99.919%)  0.000% (0.000%)  0.000% (0.000%)  0.081% (0.081%)  0.000%
link-vlopes  Rede_Ping  99.215% (99.215%)  0.000% (0.000%)  0.000% (0.000%)  0.785% (0.785%)  0.000%
uem1_Rede_Ping  99.610% (99.610%)  0.000% (0.000%)  0.000% (0.000%)  0.390% (0.390%)  0.000%
link-yamana  Rede_Ping  99.441% (99.441%)  0.000% (0.000%)  0.000% (0.000%)  0.559% (0.559%)  0.000%
uem1_Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
nagios_remoto  Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
router_cisco  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Telnet  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
storage-119  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
storage-120  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-B  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-C  Rede_Ping  85.148% (85.148%)  0.000% (0.000%)  0.000% (0.000%)  14.852% (14.852%)  0.000%
switch-3com-D  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-E  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-F  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem-adm  Local_Carga  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Disk_Root  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Processos  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Users  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Http:82  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_SSH  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem-gw  Local_Carga  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Disk_Root  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Disk_backup  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Disk_bkpremoto  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Disk_ftp_pessoal  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Disk_ftp_public  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Disk_home_ponto  99.901% (99.901%)  0.000% (0.000%)  0.000% (0.000%)  0.099% (0.099%)  0.000%
Local_Disk_home_restrito  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Processos  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Local_Users  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Dns  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ftp  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Http:81  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_SSH  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Squid:3128  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Local_Disk_ftp_public  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Local_Disk_home_ponto  99.901% (99.901%)  0.000% (0.000%)  0.000% (0.000%)  0.099% (0.099%)  0.000%
uemantspam-imss  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_SSH  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemap-aplicacao  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uembdc  Rede_Active Directory  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Active Directory  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uembes-blackberry  Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_LotusDomino  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ping  99.901% (99.901%)  0.099% (0.099%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemdev  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_SAP  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemfs-fileserver  Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_NetBios  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_NetBios  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemica-metaframe  Rede_Http  99.908% (99.908%)  0.000% (0.000%)  0.000% (0.000%)  0.092% (0.092%)  0.000%
Rede_Metaframe  99.950% (99.950%)  0.000% (0.000%)  0.000% (0.000%)  0.050% (0.050%)  0.000%
Rede_Ping  99.950% (99.950%)  0.000% (0.000%)  0.000% (0.000%)  0.050% (0.050%)  0.000%
Rede_TS  99.908% (99.908%)  0.000% (0.000%)  0.000% (0.000%)  0.092% (0.092%)  0.000%
uem1_Rede_Metaframe  99.950% (99.950%)  0.000% (0.000%)  0.000% (0.000%)  0.050% (0.050%)  0.000%
uem1_Rede_TS  99.950% (99.950%)  0.000% (0.000%)  0.000% (0.000%)  0.050% (0.050%)  0.000%
uemmine-database  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Sql  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Sql  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemnotes-correio  Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Https  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ldap  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Smtp  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Https  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Smtp  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemprd  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_SAP  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_SAP  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemrmsa-database  Rede_Oracle  99.901% (99.901%)  0.000% (0.000%)  0.000% (0.000%)  0.099% (0.099%)  0.000%
Rede_Ping  99.866% (99.866%)  0.000% (0.000%)  0.000% (0.000%)  0.134% (0.134%)  0.000%
uem1_Rede_Oracle  99.902% (99.902%)  0.000% (0.000%)  0.000% (0.000%)  0.098% (0.098%)  0.000%
uemvm-vmware  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
vm-isodoc  Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Rede_Postgresql  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Http  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Postgresql  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
vpn-server-mk-lan  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
vpn-server-mk-wan  Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem1_Rede_Ping  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Average  99.813% (99.813%)  0.001% (0.001%)  0.000% (0.000%)  0.186% (0.186%)  0.000%
Trend Micro - Office Scan
Update Status for Networked Computers
* Items marked in yellow have the same version as the previous week.
Top 10 Security Risk Statistics for Networked Computers
Virus/Malware Statistics:
Virus/Malware
Name Infections
TSC_GENCLEAN 1770
TSPY_ZBOT.SKA 924
TROJ_SPNR.19G412 639
TROJ_SIREFEF.EM 375
RTKT_ZACESS.SM11 341
TROJ_SIREFEF.DD 301
TROJ_SIREFEF.QA 277
PTCH_SIREFEF.L 213
TROJ_SIREFEF.SD 207
TROJ_ZEROA.SM2 206
Last reset:22/5/2012 16:11:20
Infected Computers
Name Detections Log
UEMMBB151 3285 View
UEM-WAREHOUSE 2268 View
USER-HP 969 View
UEMFS 349 View
UEM-SAFETY 318 View
HP24565236893 273 View
UEMOP509 132 View
UEMOP709 123 View
UEMOP804 100 View
UEMZMMNT10 98 View
Last reset:22/5/2012 16:11:49
Infection Source
Name Detections
HP-DISPATCH2\ADMINISTRATOR 1210
HP33671896628\EDWIN SIKAKENA 349
HP33671896628\OLIVER CHILESHE 105
HP33671896628\GILLY NYIRENDA 98
192.168.9.242\ADMINISTRADOR 70
HP33671896628\LOMBE CHOMBA 64
U-92CFD590AD0D4\MAINTENANCE 45
192.168.4.12\KEILLA REGINA 35
192.168.9.38\ADMINISTRADOR 34
UEMOP856\LUCIANO RODRIGUES 30
Spyware/Grayware Statistics:
Spyware/Grayware
Name Infections
HKTL_KEYGEN 32
CRCK_KEYGEN 29
HKTL_CRACKCF 10
HKTL_USURF 8
ADW_SCANNER 6
CRCK_PATCH 6
ADW_BHO 6
CRCK_CRACK 5
CRCK_PATCHER 5
HKTL_HIDEWIN 3
Last reset:22/5/2012 16:11:57
Infected Computers
Name Detections Log
UEMOP423 31 View
UEMOP982 21 View
UEMOP928 12 View
UEMOP932 11 View
UEMOP954 7 View
UEMMBB262 4 View
UEMOP979 2 View
PC07VP 2 View
UEMMBB245 2 View
UEMMBB205 2 View
Last reset:22/5/2012 16:12:04