Weekly Report U&M - InvestLinux – 07/12/2010
Uptime / Last OK
Disk Space OK
Dmesg OK
Logs OK
Antivirus DAT OK
Top - Memory / Processes / Load OK
Processes OK
Open TCP UDP Ports OK
MRTG - Traffic OK
MRTG - Processor OK
Ipaudit Daily OK
Ipaudit Weekly OK
Squid Reports - TopSites OK
Squid Reports - TopUsers OK
Nagios - HTTP Availability 100,00%
Nagios - SMTP Availability 99,88%
Uptime / Last
Uptime - Server online time
Last - Remote connections
[root@uem-gw]# uptime
 11:40:12 up 57 days, 29 min, 1 user, load average: 4.19, 1.48, 1.15
[root@uem-gw]# last | sort -k 3 | more
vpnuem   ppp0       189.13.0.68     Mon Dec 6 19:57 - 20:30 (00:32)
uem      ftpd1214   189.3.236.211   Sat Dec 4 12:19 - 12:20 (00:01)
uem      ftpd1213   189.3.236.211   Sat Dec 4 12:19 - 12:29 (00:10)
free     ftpd7084   189.83.15.78    Wed Dec 1 12:14 - 12:32 (00:18)
vpnuem   ppp0       189.83.19.210   Mon Dec 6 22:38 - 22:40 (00:01)
vpnuem   ppp0       189.83.19.210   Mon Dec 6 22:41 - 22:48 (00:07)
vpnuem   ppp0       189.83.29.133   Thu Dec 2 22:46 - 07:44 (08:57)
vpnuem   ppp0       189.83.31.168   Thu Dec 2 21:59 - 22:30 (00:30)
vpnuem   ppp0       189.83.65.180   Sun Dec 5 20:43 - 21:11 (00:28)
vpnuem   ppp0       189.83.67.83    Sun Dec 5 18:01 - 20:39 (02:38)
vpnuem   ppp0       189.83.90.227   Sat Dec 4 21:02 - 22:17 (01:15)
vpnuem   ppp0       189.83.90.227   Sun Dec 5 08:07 - 17:33 (09:25)
vpnuem   ppp0       189.83.90.227   Sun Dec 5 17:33 - 17:35 (00:01)
uem      ftpd22485  189.84.30.195   Fri Dec 3 09:23 - 09:33 (00:09)
uem      ftpd22506  189.84.30.195   Fri Dec 3 09:23 - 09:33 (00:10)
uem      ftpd24441  189.84.30.195   Fri Dec 3 09:34 - 09:43 (00:08)
uem      ftpd24794  189.84.30.195   Fri Dec 3 09:48 - 09:58 (00:10)
uem      ftpd24963  189.84.30.195   Fri Dec 3 09:56 - 10:03 (00:07)
uem      ftpd25357  189.84.30.195   Fri Dec 3 10:13 - 10:13 (00:00)
uem      ftpd25469  189.84.30.195   Fri Dec 3 10:19 - 10:23 (00:04)
uem      ftpd28326  189.84.30.195   Fri Dec 3 10:37 - 10:38 (00:01)
uem      ftpd3350   189.84.30.195   Fri Dec 3 12:32 - 12:34 (00:02)
uem      ftpd3347   189.84.30.195   Fri Dec 3 12:32 - 12:41 (00:09)
uem      ftpd10299  189.84.30.195   Thu Dec 2 13:46 - 13:47 (00:00)
uem      ftpd10298  189.84.30.195   Thu Dec 2 13:46 - 13:56 (00:09)
uem      ftpd10308  189.84.30.195   Thu Dec 2 13:47 - 13:56 (00:09)
uem      ftpd10526  189.84.30.195   Thu Dec 2 13:57 - 14:06 (00:09)
uem      ftpd17828  189.84.30.195   Thu Dec 2 15:39 - 15:49 (00:09)
uem      ftpd17829  189.84.30.195   Thu Dec 2 15:40 - 15:45 (00:05)
vpnuem   ppp0       192.168.0.16    Fri Dec 3 18:00 - 18:02 (00:02)
vpnuem   ppp0       192.168.0.16    Fri Dec 3 18:05 - 18:31 (00:26)
vpnuem   ppp0       192.168.0.4     Tue Dec 7 06:59 - 08:04 (01:05)
free     ftpd32235  192.168.0.59    Wed Dec 1 10:10 - 10:10 (00:00)
free     ftpd32236  192.168.0.59    Wed Dec 1 10:11 - 10:21 (00:10)
free     ftpd681    192.168.0.59    Wed Dec 1 10:21 - 10:22 (00:00)
vpnuem   ppp1       192.168.0.63    Fri Dec 3 18:02 - 18:06 (00:03)
collect  ftpd6029   192.168.12.113  Tue Dec 7 05:37 - 05:40 (00:02)
collect  ftpd5987   192.168.12.113  Tue Dec 7 05:37 - 05:47 (00:09)
collect  ftpd4001   192.168.12.139  Mon Dec 6 09:12 - 09:12 (00:00)
collect  ftpd4002   192.168.12.139  Mon Dec 6 09:12 - 09:23 (00:10)
collect  ftpd5693   192.168.12.139  Mon Dec 6 09:24 - 09:33 (00:08)
es1      ftpd24848  192.168.13.105  Sat Dec 4 09:47 - 09:47 (00:00)
Disk Space
[root@uem-gw]# df -h
Sist. Arq.                  Tam    Usad  Disp   Uso%  Montado em
/dev/sda3                   38G    20G   16G    57%   /
varrun                      1014M  276K  1014M  1%    /var/run
varlock                     1014M  4,0K  1014M  1%    /var/lock
udev                        1014M  52K   1014M  1%    /dev
devshm                      1014M  0     1014M  0%    /dev/shm
/dev/sdb1                   50G    15G   33G    31%   /backup
/dev/sda1                   471M   140M  308M   32%   /boot
//192.168.0.105/Pessoal     20G    4,9G  16G    25%   /ftp/Pessoal
//192.168.0.105/Public      200G   184G  17G    92%   /ftp/Public
//192.168.0.105/Restrito    200G   184G  17G    92%   /home/Restrito
//192.168.0.100/CorporeRM   47G    16G   31G    35%   /home/ponto
//192.168.0.105/BKP-linux   78G    54G   24G    70%   /backup-remoto
Dmesg
Dmesg – Console Alerts (possible disk, network, and general hardware errors)
- No relevant information -
Logs
Cursory check of the system logs: ( syslog(tmsys) / secure(tms) / squid(tmsq) )
Antivirus DAT
[root@uem-gw]# freshclam
ClamAV update process started at Tue Dec 7 11:43:58 2010
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.96.3 Recommended version: 0.96.5
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cld is up to date (version: 12365, sigs: 10954, f-level: 58, builder: guitar)
bytecode.cld is up to date (version: 93, sigs: 16, f-level: 54, builder: edwin)
Previous week:
ClamAV update process started at Mon Nov 29 16:38:24 2010
main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cld is up to date (version: 12334, sigs: 6735, f-level: 54, builder: ccordes)
bytecode.cld is up to date (version: 93, sigs: 16, f-level: 54, builder: edwin)
Top - Memory / Processes / Load
- No relevant information -
Processes
- No relevant information -
Open TCP UDP Ports
[root@uem-gw]# netstat -ap | grep LISTEN | grep -v STREAM
tcp   0  0 localhost:60000          *:*     LISTEN  6506/postgrey.pid -
tcp   0  0 192.168.0.1:5666         *:*     LISTEN  6887/nrpe
tcp   0  0 *:rsync                  *:*     LISTEN  7070/rsync
tcp   0  0 localhost:mysql          *:*     LISTEN  30766/mysqld
tcp   0  0 *:webmin                 *:*     LISTEN  7910/perl
tcp   0  0 *:81                     *:*     LISTEN  13700/apache2
tcp   0  0 *:ftp                    *:*     LISTEN  18322/proftpd: (acc
tcp   0  0 10.0.0.29:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.27:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.25:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.23:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.21:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.19:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.17:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.15:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.13:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.11:domain         *:*     LISTEN  5958/named
tcp   0  0 10.0.0.9:domain          *:*     LISTEN  5958/named
tcp   0  0 10.0.0.7:domain          *:*     LISTEN  5958/named
tcp   0  0 10.0.0.3:domain          *:*     LISTEN  5958/named
tcp   0  0 10.0.0.5:domain          *:*     LISTEN  5958/named
tcp   0  0 10.0.0.1:domain          *:*     LISTEN  5958/named
tcp   0  0 192.168.1.1:domain       *:*     LISTEN  5958/named
tcp   0  0 200.243.57.50:domain     *:*     LISTEN  5958/named
tcp   0  0 200.243.57.11:domain     *:*     LISTEN  5958/named
tcp   0  0 200.243.57.10:domain     *:*     LISTEN  5958/named
tcp   0  0 200.243.57.9:domain      *:*     LISTEN  5958/named
tcp   0  0 200.243.57.8:domain      *:*     LISTEN  5958/named
tcp   0  0 200.243.57.7:domain      *:*     LISTEN  5958/named
tcp   0  0 200.243.57.6:domain      *:*     LISTEN  5958/named
tcp   0  0 200.243.57.4:domain      *:*     LISTEN  5958/named
tcp   0  0 200.243.57.3:domain      *:*     LISTEN  5958/named
tcp   0  0 correio.uem.com.:domain  *:*     LISTEN  5958/named
tcp   0  0 uemnotes.uem.com:domain  *:*     LISTEN  5958/named
tcp   0  0 192.168.0.1:domain       *:*     LISTEN  5958/named
tcp   0  0 localhost:domain         *:*     LISTEN  5958/named
tcp   0  0 *:3128                   *:*     LISTEN  2220/(squid)
tcp   0  0 *:smtp                   *:*     LISTEN  7050/master
tcp   0  0 localhost:953            *:*     LISTEN  5958/named
tcp   0  0 *:1723                   *:*     LISTEN  7057/pptpd
tcp6  0  0 [::]:rsync               [::]:*  LISTEN  7070/rsync
tcp6  0  0 [::]:domain              [::]:*  LISTEN  5958/named
tcp6  0  0 [::]:ssh                 [::]:*  LISTEN  6283/sshd
tcp6  0  0 [::]:3000                [::]:*  LISTEN  22222/ntop
tcp6  0  0 ip6-localhost:953        [::]:*  LISTEN  5958/named
Note: The command shows in the fourth column, preferably, the service name after the “:” character.
root@uem-gw:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp   0  0 127.0.0.1:60000   0.0.0.0:*  LISTEN  6506/postgrey.pid -
tcp   0  0 192.168.0.1:5666  0.0.0.0:*  LISTEN  6887/nrpe
tcp   0  0 0.0.0.0:873       0.0.0.0:*  LISTEN  7070/rsync
tcp   0  0 127.0.0.1:3306    0.0.0.0:*  LISTEN  30766/mysqld
tcp   0  0 0.0.0.0:10000     0.0.0.0:*  LISTEN  7910/perl
tcp   0  0 0.0.0.0:81        0.0.0.0:*  LISTEN  13700/apache2
tcp   0  0 0.0.0.0:21        0.0.0.0:*  LISTEN  18322/proftpd: (acc
tcp   0  0 10.0.0.29:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.27:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.25:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.23:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.21:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.19:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.17:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.15:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.13:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.11:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.9:53       0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.7:53       0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.3:53       0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.5:53       0.0.0.0:*  LISTEN  5958/named
tcp   0  0 10.0.0.1:53       0.0.0.0:*  LISTEN  5958/named
tcp   0  0 192.168.1.1:53    0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.50:53  0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.11:53  0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.10:53  0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.9:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.8:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.7:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.6:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.4:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.3:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.2:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 200.243.57.5:53   0.0.0.0:*  LISTEN  5958/named
tcp   0  0 192.168.0.1:53    0.0.0.0:*  LISTEN  5958/named
tcp   0  0 127.0.0.1:53      0.0.0.0:*  LISTEN  5958/named
tcp   0  0 0.0.0.0:3128      0.0.0.0:*  LISTEN  2220/(squid)
tcp   0  0 0.0.0.0:25        0.0.0.0:*  LISTEN  7050/master
tcp   0  0 127.0.0.1:953     0.0.0.0:*  LISTEN  5958/named
tcp   0  0 0.0.0.0:1723      0.0.0.0:*  LISTEN  7057/pptpd
tcp6  0  0 :::873            :::*       LISTEN  7070/rsync
tcp6  0  0 :::53             :::*       LISTEN  5958/named
tcp6  0  0 :::22             :::*       LISTEN  6283/sshd
tcp6  0  0 :::3000           :::*       LISTEN  22222/ntop
tcp6  0  0 ::1:953           :::*       LISTEN  5958/named
Note: The command shows in the fourth column the service port after the “:” character.
MRTG - Traffic*
Internet – eth1
Embratel Router
VPN Embratel – eth2
VPN Itaboraí – tun0
*VPN with no traffic since 17/04/2010. This graph shows minimal, practically zero, traffic.
VPN Yamana – tun1
VPN Juruti
VPN Rio Capim – tun4
VPN Zambia – tun6
VPN Parapigmentos
*No activity
UeM ADM – CPU Utilization
UeM ADM – Load
UeM GW – CPU Utilization
UeM GW – Load
*The graphs were compared with those of the previous week. Where there is a significant change, the possible problem is analyzed and reported as a note below the graph.
Graphs without comments were considered normal. If you would like an analysis of a specific one, just ask.
Ipaudit Daily
- No relevant information -
Ipaudit Weekly (Top 10)
IP Host Name Incoming(bytes) Outgoing(bytes) Total(bytes)
192.168.000.001 - 226,764,320 7,566,545,192 7,793,309,512
200.243.057.005 uemnotes.uem.com.br 2,491,020,693 2,292,986,441 4,784,007,134
192.168.000.103 uemnotes.uem.com.br 867,910,288 204,011,240 1,071,921,528
200.243.057.011 - 315,421,615 119,564,120 434,985,735
192.168.008.190 - 189,889,458 23,615,225 213,504,683
200.243.057.002 correio.uem.com.br 141,040,912 60,983,689 202,024,601
200.243.057.008 - 128,448,867 42,681,010 171,129,877
192.168.000.107 uemantspam.uem.com.br 128,074,512 40,810,817 168,885,329
192.168.012.221 - 126,551,562 4,073,976 130,625,538
192.168.000.105 uemfs.uem.com.br 12,374,914 108,884,131 121,259,045
Squid Reports Weekly – 28/11/2010 to 05/12/2010
Squid Reports – TopSites
NUM ACCESSED SITE CONNECT BYTES TIME
1 osce80-en.url.trendmicro.com 124.91K 82.25M 59.61M
2 armdl.adobe.com 70.41K 1.87G 132.46M
3 www.globo.com 69.57K 150.45M 17.16M
4 www.google-analytics.com 65.50K 36.23M 13.34M
5 imagem.buscape.com.br 54.56K 57.56M 4.73M
6 au.download.windowsupdate.com 42.41K 3.02G 90.65M
7 s.glbimg.com 33.92K 264.83M 12.85M
8 ad.yieldmanager.com 32.87K 133.22M 28.16M
9 www.google.com.br 31.55K 216.36M 33.05M
10 ads.img.globo.com 28.91K 205.96M 47.47M
11 clients1.google.com.br 26.20K 24.81M 8.07M
12 p2.trrsf.com.br 25.69K 45.69M 10.82M
13 portal.uem.com.br 25.35K 91.41M 18.00M
14 pixer.meaningtool.com 25.00K 45.37M 6.61M
15 www.estadao.com.br 23.55K 163.69M 19.45M
16 thumbnails.buscape.com.br 22.23K 16.59M 2.43M
17 pagead2.googlesyndication.com 21.61K 96.21M 16.73M
18 www.lusakatimes.com 21.52K 95.03M 18.69M
19 www.netshoesgrife.com 19.24K 10.79M 7.67M
20 ad.harrenmedianetwork.com 16.28K 36.89M 9.46M
Squid Reports – TopUsers
NUM USERID CONNECT BYTES %BYTES IN-CACHE-OUT ELAPSED TIME MILISEC %TIME
1 192.168.12.221 19.08K 2.31G 7.98% 0.75% 92.56% 13:01:09 46,869,301 1.53%
2 192.168.0.8 8.26K 1.34G 4.64% 1.47% 98.53% 02:11:21 7,881,647 0.26%
3 192.168.0.13 39.74K 940.82M 3.24% 3.90% 96.10% 13:14:45 47,685,986 1.56%
4 192.168.9.219 12.95K 845.07M 2.91% 1.02% 98.98% 11:23:19 40,999,594 1.34%
5 192.168.14.206 256.60K 763.76M 2.63% 17.91% 82.09% 44:15:23 159,323,229 5.20%
6 192.168.8.121 10.30K 720.06M 2.48% 1.27% 98.73% 08:09:21 29,361,773 0.96%
7 192.168.0.95 14.61K 615.02M 2.12% 1.21% 98.79% 08:46:25 31,585,803 1.03%
8 192.168.0.75 7.33K 581.03M 2.00% 1.75% 98.25% 04:13:20 15,200,671 0.50%
9 192.168.10.104 12.43K 523.22M 1.80% 0.73% 99.27% 06:26:15 23,175,190 0.76%
10 192.168.0.96 21.51K 522.04M 1.80% 4.75% 95.25% 02:30:49 9,049,676 0.30%
11 192.168.12.236 15.50K 480.15M 1.65% 1.03% 98.97% 10:41:17 38,477,984 1.26%
12 192.168.12.241 30.75K 467.99M 1.61% 3.46% 96.54% 10:18:32 37,112,837 1.21%
13 192.168.9.105 7.02K 436.53M 1.50% 0.62% 99.38% 05:17:58 19,078,479 0.62%
14 192.168.12.228 17.03K 427.82M 1.47% 1.83% 98.17% 20:20:42 73,242,681 2.39%
15 192.168.0.166 2.89K 389.92M 1.34% 2.69% 97.31% 00:44:15 2,655,783 0.09%
16 192.168.0.92 19.11K 354.16M 1.22% 6.86% 93.14% 01:42:04 6,124,573 0.20%
17 192.168.0.73 3.64K 343.10M 1.18% 3.01% 96.99% 00:56:25 3,385,699 0.11%
18 192.168.9.100 31.81K 329.59M 1.13% 22.59% 77.41% 12:48:46 46,126,030 1.51%
19 192.168.8.187 13.60K 324.55M 1.12% 5.26% 94.74% 12:42:06 45,726,663 1.49%
20 192.168.12.217 3.75K 310.52M 1.07% 2.77% 97.23% 12:21:59 44,519,967 1.45%
Squid Reports – Attempts to Access Improper Sites
SITE ACCESSED                      IP
www.celebritymoviezone.com         192.168.12.228
www.celebritynudeclips.net         192.168.12.228
www.celebritysextapearchives.com   192.168.12.228
www.celebritysiterank.com          192.168.12.101
www.pornimghost.com                192.168.12.226
Note 1: No expression was added to the file /etc/squid/site_proibido.txt to block access to related sites.
Trend Micro - InterScan Messaging Security Suite
SYSTEM DATA
NAME                       CURRENT VERSION        AVAILABLE    PREVIOUS VERSION
Scan engine                9.200.1012             9.200.1012   9.120.1012
Virus pattern              7.685.00               7.685.00     7.661.00
Spyware/grayware pattern   0.871.00               0.871.00     0.871.00
IntelliTrap pattern        0.147.00               0.147.00     0.145.00
IntelliTrap exceptions     0.609.00               0.609.00     0.607.00
Anti-spam engine           6.0.1038               6.0.1038     6.0.1038
Spam pattern               17816.000              17816.000    17798.006
IMSS Version               7.0-Build_Linux_3216   N/A
STATISTICS
PERIOD: LAST 7 DAYS
SUMMARY
Scanning Conditions   Total   %
Malicious code        3       0%
Spyware/grayware      0       0%
Spam                  33808   25.76%
Phish                 0       0%
Attachment            0       0%
Size                  0       0%
Content               556     0.42%
Others                0       0%
Scanning exceptions   18      0.01%
CHARTS – PERIOD 28/11/2010 TO 04/12/2010
Spam by Action
Spam Actions
Detections Message % Size (MB)
Total spam message count 114340 100.00 335.960
Quarantined 35707 31.23 335.960
Deleted 0 0.00 0.000
Tagged 35707 31.23 335.960
Other 0 0.00 0.000
Rejected by NRS 78633 68.77 N/A
Rejected by IP Profiler 0 0.00 N/A
Top 10 Spam Recipients
Recipient Total Message Count Total Spam Msgs Spam Msgs % Spam Size (MB) Spam Size %
[email protected] 1001 322 32.17 4.331
[email protected] 533 317 59.47 4.665
[email protected] 563 266 47.25 4.312
[email protected] 414 243 58.70 3.848
[email protected] 321 235 73.21 3.649
[email protected] 453 220 48.57 1.577
[email protected] 457 219 47.92 2.459
[email protected] 259 214 82.63 3.339
[email protected] 426 213 50.00 3.846 14.85
[email protected] 259 208 80.31 1.859 49.76
Virus and Malicious Code Summary
Detections Message %
Total detections 4 100.00
Messages deleted 0 0.00
Messages quarantined 4 100.00
Attachments cleaned 0 0.00
Messages with attachments deleted 4 100.00
Messages blocked by IP Profiler 0 0.00
Top 10 Virus and Malicious Code Detections
1 Possible_Virus 2
2 JS_REDIREC.SMZ 1
3 JS_NIMDA.A 1
4 N/A 0
5 N/A 0
6 N/A 0
7 N/A 0
8 N/A 0
9 N/A 0
10 N/A 0
Top 10 Virus Recipients
Recipient Total Message Count Total Virus Msgs Virus Msgs % Virus Size (MB) Virus Size %
[email protected] 30 1 3.33 0.699
[email protected] 166 1 0.60 0.004
[email protected] 2 1 50.00 0.004
[email protected] 8 1 12.50 0.699 96.81
5 N/A 0 0 0.00 0.000 0.00
6 N/A 0 0 0.00 0.000 0.00
7 N/A 0 0 0.00 0.000 0.00
8 N/A 0 0 0.00 0.000 0.00
9 N/A 0 0 0.00 0.000 0.00
10 N/A 0 0 0.00 0.000 0.00
CACTI – Charts
Period from 30/11/2010 to 07/12/2010
UEMFS
UEMICA
UEMNOTES
UEMPRD
UEMRMSA
Nagios
Availability – last 7 days
Host                Service                   % Time OK            % Time Warning   % Time Unknown   % Time Critical  % Time Undetermined
internet_embratel   Rede_Ping                 99.932% (99.932%)    0.000% (0.000%)  0.000% (0.000%)  0.068% (0.068%)  0.000%
link-juruti         Rede_Ping                 93.880% (93.880%)    0.000% (0.000%)  0.000% (0.000%)  6.120% (6.120%)  0.000%
link-riocapim       Rede_Ping                 90.552% (90.552%)    0.035% (0.035%)  0.000% (0.000%)  9.413% (9.413%)  0.000%
link-yamana         Rede_Ping                 99.607% (99.607%)    0.000% (0.000%)  0.000% (0.000%)  0.393% (0.393%)  0.000%
link-zambia         Rede_Ping                 97.249% (97.249%)    0.000% (0.000%)  0.000% (0.000%)  2.751% (2.751%)  0.000%
nagios_remoto       Rede_Http                 99.873% (99.873%)    0.000% (0.000%)  0.000% (0.000%)  0.127% (0.127%)  0.000%
router_ebt_voip     Rede_Ping                 99.879% (99.879%)    0.000% (0.000%)  0.000% (0.000%)  0.121% (0.121%)  0.000%
                    Rede_Telnet               99.899% (99.899%)    0.000% (0.000%)  0.000% (0.000%)  0.101% (0.101%)  0.000%
router_intel        Rede_Ping                 99.896% (99.896%)    0.000% (0.000%)  0.000% (0.000%)  0.104% (0.104%)  0.000%
                    Rede_Telnet               99.899% (99.899%)    0.000% (0.000%)  0.000% (0.000%)  0.101% (0.101%)  0.000%
site_embratel       Rede_Ping                 99.949% (99.949%)    0.000% (0.000%)  0.000% (0.000%)  0.051% (0.051%)  0.000%
storage-119         Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
storage-120         Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-B       Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-C       Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-D       Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-E       Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
switch-3com-F       Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem-adm             Local_Carga               100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Disk_Root           100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Processos           100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Users               100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Http:82              100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_SSH                  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uem-gw              Local_Carga               100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Disk_Root           100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Disk_backup         100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Disk_bkpremoto      100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Disk_ftp_pessoal    100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Disk_ftp_public     100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Disk_home_ponto     99.950% (99.950%)    0.000% (0.000%)  0.000% (0.000%)  0.050% (0.050%)  0.000%
                    Local_Disk_home_restrito  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Processos           100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Local_Users               100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Dns                  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ftp                  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Http:81              100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_SSH                  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Squid:3128           100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemantspam-imss     Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_TrendImss            100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_TrendPolices         100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemap-aplicacao     Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uembdc              Rede_Active Directory     100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uembes-blackberry   Rede_Http                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_LotusDomino          100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemdev              Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_SAP                  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemfs-fileserver    Rede_Http                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_NetBios              100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemica-metaframe    Rede_Http                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Metaframe            100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_TS                   100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemmine-database    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Sql                  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemnotes-correio    Rede_Https                100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ldap                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Smtp                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemprd              Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_SAP                  100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
uemrmsa-database    Rede_Oracle               99.919% (99.919%)    0.000% (0.000%)  0.000% (0.000%)  0.081% (0.081%)  0.000%
                    Rede_Ping                 99.919% (99.919%)    0.000% (0.000%)  0.000% (0.000%)  0.081% (0.081%)  0.000%
uemvm-vmware        Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
vm-isodoc           Rede_Http                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Ping                 100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
                    Rede_Postgresql           100.000% (100.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000% (0.000%)  0.000%
Average                                       99.732% (99.732%)    0.000% (0.000%)  0.000% (0.000%)  0.268% (0.268%)  0.000%
NTOP
Trend Micro - Office Scan
Update Status for Networked Computers
* items marked in yellow have the same version as the previous week
Top 10 Security Risk Statistics for Networked Computers
Virus/Malware Statistics:
Virus/Malware
Name Infections
HTML_IFRAME.AUO 13597
Mal_Otorun1 4005
PE_MABEZAT.B-O 3835
Mal_Sality 1607
TSC_GENCLEAN 1224
WORM_OTOIT.SMT 1181
TROJ_Generic.DIT 1098
TROJ_DLOADE.FF 975
Mal_Otorun2 940
PAK_Generic.001 890
Infected Computers
Name Detections Log
UEMMBB27 8264 View
UEMMBB202 5328 View
SAFETY 4101 View
UEMPABX 1122 View
UEMFS 700 View
UEMMBB312 443 View
UEMOP956 349 View
UEMOP509 247 View
UEMOP954 247 View
UEMMBB204 238 View
Infection Source
Name Detections
192.168.9.242\ADMINISTRADOR 70
192.168.4.12\KEILLA REGINA 35
192.168.9.38\ADMINISTRADOR 34
\\192.168.0.133\GUEST 22
\\192.168.0.131\GUEST 21
RAR-29A45523705\ROTINARC 19
192.168.9.250\ADMINISTRADOR 16
\\[fe80::c5b5:9711:6e96:4124]\Guest 16
\\UEMZMSPL\Guest 16
\\UEMZMSPL\ANONYMOUS LOGON 16
Spyware/Grayware Statistics:
Spyware/Grayware
Name Infections
GRAY_Gen 171
HKTL_ULTRASURF 76
SPYW_ARDAKEY 69
GRAY_GEN.0Z1013S 69
CRCK_KEYGEN 50
ADW_SAVENOW.BO 29
HKTL_USURF 25
GRAY_Sml 22
CRCK_JBEAN 21
ADW_WEBDIR.AC 12
Infected Computers
Name Detections Log
UEMFS 217 View
UEMPABX 71 View
UEMICA 69 View
UEMOP421 14 View
UEMMBB163 13 View
UEMOP964 10 View
UEMMBB53 8 View
UEMOP416 5 View
UEMOP954 5 View
UEMMBB01 4 View