U&M Weekly Report - InvestLinux – 10/09/2012
Uptime / Last OK
Disk Space OK
Dmesg OK
Logs OK
Antivirus DAT OK
Top - Memory / Processes / Load OK
Processes OK
Open TCP/UDP Ports OK
MRTG - Traffic OK
MRTG - Processor OK
Ipaudit Daily OK
Ipaudit Weekly OK
Squid Reports - TopSites OK
Squid Reports - TopUsers OK
Nagios - HTTP Availability 100,00%
Nagios - SMTP Availability 100,00%
Uptime / Last
Uptime (Server Uptime)
[root@uem-gw]# uptime
 22:03:03 up 68 days, 7:31, 2 users, load average: 0.16, 0.11, 0.11
Last (Remote Connections)
[root@uem-gw]# last | sort -k 3 | more
vpnuem ppp0 177.182.1.104 Thu Sep 6 16:48 - 16:55 (00:07)
ftp ftpd22346 177.78.100.116 Wed Sep 5 14:45 - 14:51 (00:06)
uem ftpd17884 189.3.236.211 Fri Sep 7 08:33 - 08:33 (00:00)
uem ftpd17899 189.3.236.211 Fri Sep 7 08:33 - 08:35 (00:01)
uem ftpd20421 189.3.236.211 Fri Sep 7 08:36 - 08:36 (00:00)
uem ftpd20441 189.3.236.211 Fri Sep 7 08:36 - 08:41 (00:04)
vpnuem ppp0 189.3.236.211 Mon Sep 10 09:18 - 10:29 (01:10)
vpnuem ppp0 189.3.236.211 Mon Sep 10 10:39 - 10:42 (00:03)
vpnuem ppp0 189.3.236.211 Mon Sep 10 11:32 - 13:25 (01:52)
vpnuem ppp0 189.83.132.147 Sun Sep 2 11:45 - 13:12 (01:27)
vpnuem ppp0 189.83.132.147 Sun Sep 2 20:23 - 20:33 (00:09)
uemcc ftpd6550 190.242.110.138 Mon Sep 10 20:55 - 21:05 (00:09)
uemcc ftpd6553 190.242.110.138 Mon Sep 10 20:55 - 21:40 (00:44)
uemcc ftpd13868 192.168.0.168 Mon Sep 10 16:41 - 16:41 (00:00)
uemcc ftpd13870 192.168.0.168 Mon Sep 10 16:41 - 16:51 (00:10)
uemcc ftpd23435 192.168.0.168 Mon Sep 10 18:24 - 18:24 (00:00)
uemcc ftpd23453 192.168.0.168 Mon Sep 10 18:24 - 18:34 (00:10)
root pts/1 192.168.0.172 Wed Sep 5 13:43 - 14:03 (00:19)
uem ftpd30805 192.168.0.199 Thu Sep 6 16:47 - 16:47 (00:00)
uem ftpd30809 192.168.0.199 Thu Sep 6 16:47 - 16:47 (00:00)
uemcc ftpd23071 192.168.0.214 Mon Sep 10 18:22 - 18:22 (00:00)
uemcc ftpd23111 192.168.0.214 Mon Sep 10 18:22 - 18:24 (00:01)
collect ftpd12862 192.168.12.242 Tue Sep 4 10:44 - 10:44 (00:00)
collect ftpd12870 192.168.12.242 Tue Sep 4 10:44 - 10:54 (00:10)
collect ftpd13855 192.168.12.242 Tue Sep 4 11:04 - 11:15 (00:11)
free ftpd15715 192.168.6.113 Tue Sep 4 11:22 - 11:22 (00:00)
free ftpd15774 192.168.6.113 Tue Sep 4 11:22 - 11:32 (00:10)
epsa ftpd27264 90.red-81-45-239 Tue Sep 4 12:54 - 13:13 (00:19)
ftp ftpd13851 alloy.tomsk.ru Mon Sep 3 05:54 - 05:54 (00:00)
free ftpd2099 mxrio.andrade.ad Mon Sep 10 10:12 - 10:23 (00:10)
free ftpd7568 mxrio.andrade.ad Mon Sep 10 10:56 - 11:08 (00:11)
free ftpd12893 mxrio.andrade.ad Mon Sep 10 11:43 - 11:57 (00:13)
free ftpd21543 mxrio.andrade.ad Mon Sep 10 18:12 - 18:25 (00:13)
free ftpd30253 mxrio.andrade.ad Wed Sep 5 15:58 - 16:11 (00:13)
free ftpd30660 mxrio.andrade.ad Wed Sep 5 16:05 - 16:15 (00:10)
free ftpd31402 mxrio.andrade.ad Wed Sep 5 16:18 - 16:24 (00:05)
free ftpd32019 mxrio.andrade.ad Wed Sep 5 16:24 - 16:24 (00:00)
free ftpd1341 mxrio.andrade.ad Wed Sep 5 16:28 - 16:35 (00:07)
Disk Space
[root@uem-gw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 30G 5,7G 85% /
varrun 1014M 268K 1014M 1% /var/run
varlock 1014M 0 1014M 0% /var/lock
udev 1014M 52K 1014M 1% /dev
devshm 1014M 0 1014M 0% /dev/shm
/dev/sdb1 50G 19G 30G 39% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.105/BKP-linux 30G 15G 16G 50% /backup-remoto
//192.168.0.105/Pessoal 20G 16G 4,5G 78% /ftp/Pessoal
//192.168.0.105/Public 200G 160G 41G 80% /ftp/Public
//192.168.0.105/Restrito 200G 160G 41G 80% /home/Restrito
//192.168.0.100/CorporeRM 47G 23G 25G 48% /home/ponto
Dmesg
Dmesg – Console Alerts (possible disk, network, and general hardware errors)
- No relevant information -
Logs
Cursory check of the system logs: ( syslog(tmsys) / secure(tms) / squid(tmsq) )
Antivirus DAT
[root@uem-gw]# freshclam
ClamAV update process started at Mon Sep 10 22:11:38 2012
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 15339, sigs: 261597, f-level: 63, builder: guitar)
bytecode.cld is up to date (version: 188, sigs: 38, f-level: 63, builder: neo)
Previous week:
ClamAV update process started at Tue Sep 4 12:46:58 2012
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 15311, sigs: 260527, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 188, sigs: 38, f-level: 63, builder: neo)
Top - Memory / Processes / Load
- No relevant information -
Processes
- No relevant information -
Open TCP/UDP Ports
[root@uem-gw]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 localhost:60000 *:* LISTEN 6444/postgrey.pid -
tcp 0 0 *:10050 *:* LISTEN 906/zabbix_agentd
tcp 0 0 192.168.0.1:5666 *:* LISTEN 6951/nrpe
tcp 0 0 *:rsync *:* LISTEN 7172/rsync
tcp 0 0 localhost:mysql *:* LISTEN 6364/mysqld
tcp 0 0 *:webmin *:* LISTEN 8855/perl
tcp 0 0 *:81 *:* LISTEN 7402/apache2
tcp 0 0 *:ftp *:* LISTEN 23649/proftpd: (acc
tcp 0 0 200.199.9.234:domain *:* LISTEN 6032/named
tcp 0 0 192.168.0.2:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.29:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.27:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.25:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.23:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.21:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.19:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.17:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.15:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.13:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.11:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.9:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.7:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.3:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.5:domain *:* LISTEN 6032/named
tcp 0 0 10.0.0.1:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.12:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.50:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.11:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.10:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.9:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.8:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.7:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.6:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.4:domain *:* LISTEN 6032/named
tcp 0 0 200.243.57.3:domain *:* LISTEN 6032/named
tcp 0 0 correio.uem.com.:domain *:* LISTEN 6032/named
tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 6032/named
tcp 0 0 192.168.0.1:domain *:* LISTEN 6032/named
tcp 0 0 localhost:domain *:* LISTEN 6032/named
tcp 0 0 *:ssh *:* LISTEN 22632/sshd
tcp 0 0 *:3128 *:* LISTEN 10417/(squid)
tcp 0 0 *:smtp *:* LISTEN 7153/master
tcp 0 0 localhost:953 *:* LISTEN 6032/named
tcp 0 0 *:1723 *:* LISTEN 7160/pptpd
tcp6 0 0 [::]:rsync [::]:* LISTEN 7172/rsync
tcp6 0 0 [::]:domain [::]:* LISTEN 6032/named
tcp6 0 0 [::]:ssh [::]:* LISTEN 22632/sshd
tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 6032/named
Note: The command shows in the fourth column, preferably, the service name after the ":" character.
root@uem-gw:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 6444/postgrey.pid -
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 906/zabbix_agentd
tcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 6951/nrpe
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 7172/rsync
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 6364/mysqld
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 8855/perl
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 7402/apache2
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23649/proftpd: (acc
tcp 0 0 200.199.9.234:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 192.168.0.2:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.12:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 6032/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 22632/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 10417/(squid)
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 7153/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 6032/named
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7160/pptpd
tcp6 0 0 :::873 :::* LISTEN 7172/rsync
tcp6 0 0 :::53 :::* LISTEN 6032/named
tcp6 0 0 :::22 :::* LISTEN 22632/sshd
tcp6 0 0 ::1:953 :::* LISTEN 6032/named
Note: The command shows in the fourth column the service port after the ":" character.
MRTG - Traffic*
Internet – eth1
Embratel Router
Oi Link – eth2
VPN Yamana – tun1
VPN Juruti
VPN Rio Capim – tun4
VPN Zambia – tun6
VPN Carajás – tun7
Jangada Router – 189.52.77.26
UeM ADM – CPU Utilization
UeM ADM – Load
UeM GW – CPU Utilization
UeM GW – Load
*The graphs were compared with those of the previous week. Where there is a significant change, the possible problem is analyzed and reported as a note below the graph. Graphs without comments were considered normal. If you would like an analysis of a specific one, just ask.
Ipaudit Daily
- No relevant information -
Ipaudit Weekly (Top 10)
IP Host Name Incoming(bytes) Outgoing(bytes) Total(bytes)
200.243.057.005 uemnotes.uem.com.br 7,301,786,612 19,789,651,079 27,091,437,691
200.243.057.002 correio.uem.com.br 14,343,023,516 2,044,672,907 16,387,696,423
192.168.000.001 - 1,714,996,205 7,664,975,359 9,379,971,564
200.243.057.011 - 4,479,548,402 2,984,374,405 7,463,922,807
200.243.057.008 - 4,621,210,565 1,225,838,889 5,847,049,454
192.168.000.103 uemnotes.uem.com.br 1,309,029,610 2,464,195,111 3,773,224,721
192.168.000.107 uemantspam.uem.com.br 1,487,329,892 601,342,675 2,088,672,567
192.168.000.039 uemmbb215.uem.com.br 1,037,749,164 39,893,134 1,077,642,298
192.168.000.172 uemmbb45.uem.com.br 509,176,157 304,791,559 813,967,716
192.168.000.057 uemmbb45.uem.com.br 208,891,805 540,627,972 749,519,777
Squid Reports Weekly – 02/09/2012 to 09/09/2012
Squid Reports – TopSites
NUM ACCESSED SITE CONNECT BYTES TIME
1 s.glbimg.com 270.23K 776.52M 54.40M
2 osce80-en.url.trendmicro.com 183.51K 124.36M 76.10M
3 s2.glbimg.com 178.86K 642.91M 50.21M
4 www.cvc.com.br 170.71K 263.95M 217.86K
5 mail.yimg.com 99.27K 227.02M 9.46M
6 au.download.windowsupdate.com 92.50K 3.57G 238.49M
7 www.google-analytics.com 60.45K 46.34M 8.58M
8 www.google.com.br 44.89K 536.61M 56.74M
9 clients1.google.com.br 42.24K 34.34M 9.81M
10 download.windowsupdate.com 42.21K 1.38G 103.54M
11 ads.img.globo.com 36.55K 141.85M 22.89M
12 pagead2.googlesyndication.com 33.99K 291.25M 28.83M
13 ads.globo.com 30.78K 25.99M 2.90M
14 googleads.g.doubleclick.net 30.48K 58.44M 8.38M
15 us.mg5.mail.yahoo.com 26.16K 45.51M 2.64M
16 api.globo.com 22.55K 23.05M 2.46M
17 www.google.com 22.06K 157.90M 28.34M
18 br.mg5.mail.yahoo.com 19.89K 38.68M 2.75M
19 us.mg6.mail.yahoo.com 19.83K 37.25M 2.57M
20 www.beforward.jp 19.09K 222.83M 47.32M
Squid Reports – TopUsers
Squid Reports – Attempts to Access Inappropriate Sites
SITE ACCESSED IP
www.adultblogtoplist.com 192.168.13.149
www.adulttop50.nl 192.168.12.158
www.assistirporno.net 192.168.13.149
www.carlinha.org 192.168.13.149
www.gatasdeuberlandia.com.br 192.168.8.142
www.gatasemgoiania.com.br 192.168.0.244
www.linhaquente.com 192.168.13.149
www.penis10.com 192.168.13.149
www.putariabrasileira.com 192.168.13.149
www.putascaseiras.com 192.168.13.184
www.sexlog.com.br 192.168.13.149
Note 1: No expression was added to the file /etc/squid/site_proibido.txt to block access to related sites.
Note 2: Facebook URLs, which are already blocked, are no longer being reported.
Trend Micro - InterScan Messaging Security Suite
SYSTEM DATA
NAME CURRENT VERSION AVAILABLE PREVIOUS VERSION
Scan engine 9.500.1005 9.500.1005 9.500.1005
Virus pattern 9.383.00 9.383.00 9.369.00
Spyware/grayware pattern 1.325.00 1.325.00 1.321.00
IntelliTrap pattern 0.167.00 0.167.00 0.167.00
IntelliTrap exceptions 0.799.00 0.799.00 0.799.00
Anti-spam engine 6.800.1017 6.800.1017 6.800.1017
Spam pattern 19176.003 19176.003 19162.000
URL Filtering Engine 3.500.1047 3.000.1029 3.500.1047
CHARTS – PERIOD 02/09/2012 TO 08/09/2012
Scanning Conditions Total Message % Incoming Outgoing
Total message count 95103 100.00 90534 4569
Virus or malicious code 0 0.00 0 0
Spyware/grayware 0 0.00 0 0
Spam 13370 14.06 13348 22
Phish 5 0.01 5 0
Suspicious URLs - Web Reputation 0 0.00 0 0
DKIM enforcement 0 0.00 0 0
Attachment 1 0.00 1 0
Size 63 0.07 45 18
Content 247 0.26 231 16
Compliance 0 0.00 0 0
Others 0 0.00 0 0
Scanning exceptions 0 0.00 0 0
Spam Tagged by Cloud Pre-Filter 0 0.00 0 0
IP Profiler 970 1.02 970 0
Email reputation 56120 59.01 56120 0
Clean email 24327 25.58 19814 4513
Trend Micro Email Encryption 0 0.00 0 0
Spam by Action
Spam Actions Detections Message % Size (MB)
Total spam message count 70460 100.00 258.040
Quarantined 13370 18.98 258.040
Deleted 0 0.00 0.000
Tagged 13368 18.97 258.031
Other 0 0.00 0.000
Rejected by Email reputation 56120 79.65 N/A
Rejected by IP Profiler 970 1.38 N/A
Top 10 Spam Recipients
Recipient Total Message Count Total Spam Msgs Spam Msgs % Spam Size (MB) Spam Size %
[email protected] 894 282 31.54 7.103
[email protected] 495 271 54.75 13.511
[email protected] 491 254 51.73 5.279
[email protected] 523 250 47.80 3.669
[email protected] 411 223 54.26 10.626
[email protected] 311 214 68.81 4.716
[email protected] 358 212 59.22 4.684
[email protected] 413 202 48.91 4.058
[email protected] 231 196 84.85 3.051 80.87
[email protected] 528 191 36.17 3.659 15.13
Virus and Malicious Code Summary
Detections Message %
Total detections 0 0.00
Messages deleted 0 0.00
Messages quarantined 0 0.00
Attachments cleaned 0 0.00
Messages with attachments deleted 0 0.00
Messages blocked by IP Profiler 0 0.00
Top 10 Virus and Malicious Code Detections
1 N/A 0
2 N/A 0
3 N/A 0
4 N/A 0
5 N/A 0
6 N/A 0
7 N/A 0
8 N/A 0
9 N/A 0
10 N/A 0
Top 10 Virus Recipients
Recipient Total Message Count Total Virus Msgs Virus Msgs % Virus Size (MB) Virus Size %
1 N/A 0 0 0.00 0.000 0.00
2 N/A 0 0 0.00 0.000 0.00
3 N/A 0 0 0.00 0.000 0.00
4 N/A 0 0 0.00 0.000 0.00
5 N/A 0 0 0.00 0.000 0.00
6 N/A 0 0 0.00 0.000 0.00
7 N/A 0 0 0.00 0.000 0.00
8 N/A 0 0 0.00 0.000 0.00
9 N/A 0 0 0.00 0.000 0.00
10 N/A 0 0 0.00 0.000 0.00
CACTI – Graphs
Period from 03/09/2012 to 10/09/2012
UEMFS
UEMICA
UEMNOTES
UEMPRD
UEMRMSA
Nagios
Availability – last 7 days
Host Service % Time OK % Time Warning % Time Unknown % Time Critical % Time Undetermined
internet_embratel Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
internet_oi Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
link-carajas Rede_Ping 98.857% (98.857%) 0.000% (0.000%) 0.000% (0.000%) 1.143% (1.143%) 0.000%
link-ebt-jangada Rede_Ping 90.114% (90.114%) 0.000% (0.000%) 0.000% (0.000%) 9.886% (9.886%) 0.000%
link-jangada Rede_Ping 95.491% (95.491%) 0.000% (0.000%) 0.000% (0.000%) 4.509% (4.509%) 0.000%
link-juruti Rede_Ping 98.840% (98.840%) 0.000% (0.000%) 0.000% (0.000%) 1.160% (1.160%) 0.000%
  uem1_Rede_Ping 99.903% (99.903%) 0.097% (0.097%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
link-riocapim Rede_Ping 91.186% (91.186%) 0.000% (0.000%) 0.000% (0.000%) 8.814% (8.814%) 0.000%
  uem1_Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
link-vlopes Rede_Ping 98.162% (98.162%) 0.000% (0.000%) 0.000% (0.000%) 1.838% (1.838%) 0.000%
  uem1_Rede_Ping 99.559% (99.559%) 0.000% (0.000%) 0.000% (0.000%) 0.441% (0.441%) 0.000%
link-yamana Rede_Ping 96.463% (96.463%) 0.000% (0.000%) 0.000% (0.000%) 3.537% (3.537%) 0.000%
  uem1_Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
link-zambia Rede_Ping 82.584% (82.584%) 0.000% (0.000%) 0.000% (0.000%) 17.416% (17.416%) 0.000%
  uem1_Rede_Ping 99.721% (99.721%) 0.000% (0.000%) 0.000% (0.000%) 0.279% (0.279%) 0.000%
nagios_remoto Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
router_cisco Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Telnet 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
storage-119 Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
storage-120 Rede_Ping 99.950% (99.950%) 0.050% (0.050%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-B Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-C Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-D Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-E Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-F Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Local_Carga 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_Root 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Processos 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Users 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Http:82 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_SSH 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Carga 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_Root 92.652% (92.652%) 7.348% (7.348%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_backup 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_bkpremoto 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_ftp_pessoal 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_ftp_public 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_home_ponto 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Disk_home_restrito 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Processos 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Local_Users 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Dns 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ftp 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Http:81 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_SSH 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Squid:3128 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Local_Disk_ftp_public 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Local_Disk_home_ponto 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemantspam-imss Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_SSH 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemap-aplicacao Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uembdc Rede_Active Directory 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Active Directory 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uembes-blackberry Rede_Http 99.925% (99.925%) 0.000% (0.000%) 0.000% (0.000%) 0.075% (0.075%) 0.000%
  Rede_LotusDomino 99.184% (99.184%) 0.000% (0.000%) 0.000% (0.000%) 0.816% (0.816%) 0.000%
  Rede_Ping 93.011% (93.011%) 0.099% (0.099%) 0.000% (0.000%) 6.890% (6.890%) 0.000%
uemdev Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_SAP 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemfs-fileserver Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_NetBios 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_NetBios 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemica-metaframe Rede_Http 99.949% (99.949%) 0.000% (0.000%) 0.000% (0.000%) 0.051% (0.051%) 0.000%
  Rede_Metaframe 99.957% (99.957%) 0.000% (0.000%) 0.000% (0.000%) 0.043% (0.043%) 0.000%
  Rede_Ping 99.955% (99.955%) 0.000% (0.000%) 0.000% (0.000%) 0.045% (0.045%) 0.000%
  Rede_TS 99.950% (99.950%) 0.000% (0.000%) 0.000% (0.000%) 0.050% (0.050%) 0.000%
  uem1_Rede_Metaframe 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_TS 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemmine-database Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Sql 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Sql 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemnotes-correio Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Https 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ldap 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Smtp 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Https 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Smtp 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemprd Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_SAP 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_SAP 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemrmsa-database Rede_Oracle 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Oracle 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemvm-vmware Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
vm-isodoc Rede_Http 99.955% (99.955%) 0.000% (0.000%) 0.000% (0.000%) 0.045% (0.045%) 0.000%
  Rede_Ping 99.901% (99.901%) 0.050% (0.050%) 0.000% (0.000%) 0.050% (0.050%) 0.000%
  Rede_Postgresql 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Postgresql 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
vpn-server-mk-lan Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
vpn-server-mk-wan Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
  uem1_Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
Average 99.365% (99.365%) 0.075% (0.075%) 0.000% (0.000%) 0.560% (0.560%) 0.000%
Trend Micro - Office Scan
Update Status for Networked Computers
* items highlighted in yellow have the same version as the previous week
Top 10 Security Risk Statistics for Networked Computers
Virus/Malware Statistics:
Virus/Malware
Name Infections
TSC_GENCLEAN 1593
TSPY_ZBOT.SKA 924
TROJ_SPNR.19G412 509
TROJ_SIREFEF.EM 375
RTKT_ZACESS.SM11 341
TROJ_SIREFEF.DD 301
TROJ_SIREFEF.QA 277
PTCH_SIREFEF.L 213
TROJ_SIREFEF.SD 207
TROJ_SIREFEF.ERO 206
Last reset:22/5/2012 16:11:20
Infected Computers
Name Detections
UEMMBB151 2694
UEM-WAREHOUSE 2263
USER-HP 969
UEM-SAFETY 318
UEMFS 305
HP24565236893 267
UEMOP509 132
UEMOP709 123
UEMOP804 100
UEMZMMNT10 98
Last reset:22/5/2012 16:11:49
Infection Source
Name Detections
HP-DISPATCH2\ADMINISTRATOR 1210
HP33671896628\EDWIN SIKAKENA 349
HP33671896628\OLIVER CHILESHE 105
HP33671896628\GILLY NYIRENDA 98
192.168.9.242\ADMINISTRADOR 70
HP33671896628\LOMBE CHOMBA 64
U-92CFD590AD0D4\MAINTENANCE 45
192.168.4.12\KEILLA REGINA 35
192.168.9.38\ADMINISTRADOR 34
UEMOP856\LUCIANO RODRIGUES 30
Spyware/Grayware Statistics:
Spyware/Grayware
Name Infections
HKTL_KEYGEN 32
CRCK_KEYGEN 29
HKTL_CRACKCF 10
HKTL_USURF 7
CRCK_PATCH 6
ADW_BHO 6
CRCK_PATCHER 5
CRCK_CRACK 4
HKTL_HIDEWIN 3
ADW_SCANNER 2
Last reset:22/5/2012 16:11:57
Infected Computers
Name Detections
UEMOP423 31
UEMOP982 21
UEMOP932 11
UEMOP928 11
UEMOP954 7
UEMMBB262 4
PC07VP 2
UEMMBB245 2
UEMOP933 1
UEMMBB28 1
Last reset:22/5/2012 16:12:04