
Weekly Report U&M - InvestLinux – 03/01/2011

Uptime / Last OK
Disk Space OK
Dmesg OK
Logs OK
Anti-Virus DAT OK
Top - Memory / Processes / Load OK
Processes OK
Open TCP/UDP Ports OK
MRTG - Traffic OK
MRTG - Processor OK
Ipaudit Daily OK
Ipaudit Weekly OK
Squid Reports - TopSites OK
Squid Reports - TopUsers OK
Nagios - HTTP Availability 99,58%
Nagios - SMTP Availability 99,77%

Uptime / Last

Uptime - Server online time
Last - Remote connections

[root@uem-gw]# uptime
11:01:21 up 6 days, 21:20, 1 user, load average: 0.43, 0.20, 0.12

[root@uem-gw]# last | sort -k 3 | more
il-adm pts/0 200.243.67.66 Mon Jan 3 11:01 still logged in
il-adm pts/0 200.243.67.66 Sun Jan 2 17:04 - 17:11 (00:07)
ftp ftpd25107 213.219.217.76 Sun Jan 2 01:31 - 01:31 (00:00)
wtmp begins Sun Jan 2 01:31:19 2011

Disk Space

[root@uem-gw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 18G 18G 51% /
varrun 1014M 264K 1014M 1% /var/run
varlock 1014M 4,0K 1014M 1% /var/lock
udev 1014M 52K 1014M 1% /dev
devshm 1014M 0 1014M 0% /dev/shm
/dev/sdb1 50G 15G 33G 31% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.105/Pessoal 20G 5,0G 15G 25% /ftp/Pessoal
//192.168.0.105/Public 200G 189G 12G 95% /ftp/Public
//192.168.0.105/Restrito 200G 189G 12G 95% /home/Restrito
//192.168.0.100/CorporeRM 47G 16G 31G 35% /home/ponto
//192.168.0.105/BKP-linux 78G 55G 23G 72% /backup-remoto

Dmesg

Dmesg – Console alerts (possible disk, network, and general hardware errors)
- No relevant information -

Logs

Superficial check of system logs: ( syslog(tmsys) / secure(tms) / squid(tmsq) )

Anti-Virus DAT

[root@uem-gw]# freshclam
ClamAV update process started at Mon Jan 3 11:10:50 2011
main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cld is up to date (version: 12472, sigs: 13615, f-level: 58, builder: ccordes)
bytecode.cld is up to date (version: 114, sigs: 27, f-level: 58, builder: edwin)

Previous week:
ClamAV update process started at Mon Dec 27 08:58:01 2010
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.96.3 Recommended version: 0.96.5
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cld is up to date (version: 12442, sigs: 12142, f-level: 58, builder: guitar)
bytecode.cld is up to date (version: 114, sigs: 27, f-level: 58, builder: edwin)

Top - Memory / Processes / Load
- No relevant information -

Processes
- No relevant information -

Open TCP/UDP Ports

[root@uem-gw]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 localhost:60000 *:* LISTEN 6597/postgrey.pid -
tcp 0 0 192.168.0.1:5666 *:* LISTEN 31603/nrpe
tcp 0 0 *:rsync *:* LISTEN 7174/rsync
tcp 0 0 localhost:mysql *:* LISTEN 6514/mysqld
tcp 0 0 *:webmin *:* LISTEN 8136/perl
tcp 0 0 *:81 *:* LISTEN 7413/apache2
tcp 0 0 *:ftp *:* LISTEN 15040/proftpd: (acc
tcp 0 0 10.0.0.29:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.27:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.25:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.23:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.21:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.19:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.17:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.15:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.13:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.11:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.9:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.7:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.3:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.5:domain *:* LISTEN 23871/named
tcp 0 0 10.0.0.1:domain *:* LISTEN 23871/named
tcp 0 0 192.168.1.1:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.50:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.11:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.10:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.9:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.8:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.7:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.6:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.4:domain *:* LISTEN 23871/named
tcp 0 0 200.243.57.3:domain *:* LISTEN 23871/named
tcp 0 0 correio.uem.com.:domain *:* LISTEN 23871/named
tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 23871/named
tcp 0 0 192.168.0.1:domain *:* LISTEN 23871/named
tcp 0 0 localhost:domain *:* LISTEN 23871/named
tcp 0 0 *:3128 *:* LISTEN 7536/(squid)
tcp 0 0 localhost:953 *:* LISTEN 23871/named
tcp 0 0 *:smtp *:* LISTEN 7155/master
tcp 0 0 *:1723 *:* LISTEN 7162/pptpd
tcp6 0 0 [::]:rsync [::]:* LISTEN 7174/rsync
tcp6 0 0 [::]:domain [::]:* LISTEN 23871/named
tcp6 0 0 [::]:ssh [::]:* LISTEN 6411/sshd
tcp6 0 0 [::]:3000 [::]:* LISTEN 7011/ntop
tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 23871/named

Note: The command shows in the fourth column, preferably, the service name after the “:” character.

root@uem-gw:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 6597/postgrey.pid -
tcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 31603/nrpe
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 7174/rsync
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 6514/mysqld
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 8136/perl
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 7413/apache2
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 15040/proftpd: (acc
tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 192.168.1.1:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 23871/named
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 7536/(squid)
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 23871/named
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 7155/master
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7162/pptpd
tcp6 0 0 :::873 :::* LISTEN 7174/rsync
tcp6 0 0 :::53 :::* LISTEN 23871/named
tcp6 0 0 :::22 :::* LISTEN 6411/sshd
tcp6 0 0 :::3000 :::* LISTEN 7011/ntop
tcp6 0 0 ::1:953 :::* LISTEN 23871/named

Note: The command shows in the fourth column the service port after the “:” character.

MRTG - Traffic*

Internet – eth1

Embratel Router

VPN Embratel – eth2

VPN Itaboraí – tun0

*VPN with no traffic since 17/04/2010. This graph shows minimal, practically null traffic.

VPN Yamana – tun1

VPN Juruti

*High traffic on 29/12/2010 (Wednesday); however, it was not possible to detect its source, as it was not among the top 20.

VPN Rio Capim – tun4

VPN Zambia – tun6

VPN Parapigmentos
*No activity

UeM ADM – CPU Utilization

UeM ADM – Load

UeM GW – CPU Utilization

UeM GW – Load

*The graphs were compared with those of the previous week. In case of a significant change, the possible problem is analyzed and reported as a note below the graph.

Graphs without comments were considered normal. If you would like an analysis of a specific one, just request it.

Ipaudit Daily

- No relevant information -

Ipaudit Weekly (Top 10)

IP Host Name Incoming(bytes) Outgoing(bytes) Total(bytes)

192.168.000.001 - 2,153,215,461 13,964,014,236 16,117,229,697

200.243.057.005 uemnotes.uem.com.br 6,610,658,265 8,103,342,021 14,714,000,286

200.243.057.011 - 2,667,357,221 602,917,057 3,270,274,278

192.168.000.103 uemnotes.uem.com.br 2,247,419,289 498,504,412 2,745,923,701

192.168.012.115 - 1,419,575,518 349,215,494 1,768,791,012

192.168.008.190 uemop959.uem.com.br 726,065,018 91,314,989 817,380,007

192.168.012.229 - 412,128,801 24,701,534 436,830,335

192.168.000.107 uemantspam.uem.com.br 261,218,324 131,299,643 392,517,967

192.168.010.229 - 327,264,427 25,414,264 352,678,691

192.168.012.242 - 297,907,086 15,467,329 313,374,415

Squid Reports Weekly – 26/12/2010 to 02/01/2011

Squid Reports – TopSites

NUM ACCESSED SITE CONNECT BYTES TIME

1 osce80-en.url.trendmicro.com 92.71K 61.38M 41.23M

2 www.google-analytics.com 51.32K 30.25M 9.43M

3 s.glbimg.com 49.51K 219.25M 10.14M

4 www.globo.com 47.51K 110.35M 8.16M

5 au.download.windowsupdate.com 26.91K 2.26G 106.79M

6 isodoc.uem.com.br 26.78K 108.30M 12.23M

7 armdl.adobe.com 25.04K 908.19M 28.53M

8 www.google.com.br 23.16K 152.36M 25.37M

9 clients1.google.com.br 21.41K 18.50M 5.74M

10 pagead2.googlesyndication.com 18.08K 66.29M 25.73M

11 portal.uem.com.br 15.45K 56.30M 8.98M

12 ads.img.globo.com 15.27K 93.08M 7.87M

13 l.yimg.com 14.28K 121.74M 23.54M

14 www.lusakatimes.com 14.11K 68.12M 48.34M

15 www.lancenet.com.br 13.76K 29.28M 2.93M

16 www.estadao.com.br 13.44K 30.96M 3.71M

17 p2.trrsf.com.br 13.32K 20.22M 1.90M

18 www.bb.com.br 12.56K 47.75M 1.97M

19 imagem.buscape.com.br 10.46K 14.43M 1.42M

20 globoesporte.globo.com 10.41K 69.64M 5.06M

Squid Reports – TopUsers

NUM USERID CONNECT BYTES %BYTES IN-CACHE-OUT ELAPSED TIME MILISEC %TIME

1 192.168.0.6 23.78K 861.55M 4.55% 2.98% 97.02% 04:21:32 15,692,307 0.57%

2 192.168.0.165 2.40K 727.77M 3.85% 1.54% 98.46% 01:07:48 4,068,267 0.15%

3 192.168.0.148 8.89K 649.52M 3.43% 4.17% 95.83% 02:23:55 8,635,315 0.31%

4 192.168.9.112 4.31K 611.18M 3.23% 0.92% 99.08% 13:23:36 48,216,744 1.75%

5 192.168.10.229 37.60K 586.36M 3.10% 4.27% 95.73% 13:34:54 48,894,783 1.77%

6 192.168.14.235 3.74K 504.24M 2.66% 0.56% 99.44% 08:51:05 31,865,595 1.15%

7 192.168.12.115 10.32K 446.96M 2.36% 0.74% 99.26% 14:00:00 50,400,653 1.82%

8 192.168.12.229 44.30K 441.86M 2.33% 4.28% 95.72% 10:25:42 37,542,217 1.36%

9 192.168.14.161 3.54K 386.25M 2.04% 2.24% 97.76% 04:57:59 17,879,172 0.65%

10 192.168.9.201 45.46K 358.52M 1.89% 16.72% 83.28% 13:48:09 49,689,988 1.80%

11 192.168.0.167 2.95K 337.13M 1.78% 3.76% 96.24% 00:35:55 2,155,207 0.08%

12 192.168.12.241 22.13K 317.47M 1.68% 6.24% 93.76% 11:42:02 42,122,238 1.53%

13 192.168.12.217 17.42K 305.84M 1.62% 4.46% 95.54% 10:34:54 38,094,238 1.38%

14 192.168.12.242 11.12K 303.56M 1.60% 3.11% 96.89% 05:29:00 19,740,599 0.71%

15 192.168.12.200 35.73K 280.22M 1.48% 15.62% 84.38% 09:33:02 34,382,504 1.24%


16 192.168.0.30 1.66K 232.88M 1.23% 1.12% 98.88% 00:32:05 1,925,039 0.07%

17 192.168.12.126 35.52K 232.84M 1.23% 12.72% 87.28% 08:02:43 28,963,594 1.05%

18 192.168.10.112 28.66K 226.63M 1.20% 1.48% 98.52% 41:09:32 148,172,733 5.37%

19 192.168.8.150 49.18K 215.27M 1.14% 20.38% 79.62% 06:49:33 24,573,811 0.89%

20 192.168.12.177 22.83K 207.01M 1.09% 9.09% 90.91% 11:24:36 41,076,614 1.49%

Squid Reports – Attempts to Access Improper Sites

ACCESSED SITE IP
www.adultminigames.com 192.168.12.229
www.pornhub.com 192.168.12.229
www.porno-dvd-movies.com 192.168.12.229
www.sexboobtube.com 192.168.10.232
www.sexyfunpics.com 192.168.12.226
www.sexykristylust.com 192.168.12.229

Note 1: No expression was added to the file /etc/squid/site_proibido.txt to block access to related sites.

Trend Micro - InterScan Messaging Security Suite

SYSTEM DATA

NAME CURRENT VERSION AVAILABLE PREVIOUS VERSION
Scan engine 9.200.1012 9.200.1012 9.120.1012
Virus pattern 7.743.00 7.743.00 7.729.00
Spyware/grayware pattern 0.871.00 0.871.00 0.871.00
IntelliTrap pattern 0.147.00 0.147.00 0.147.00
IntelliTrap exceptions 0.617.00 0.617.00 0.615.00
Anti-spam engine 6.5.1024 6.5.1024 6.5.1024
Spam pattern 17872.002 17872.002 17856.006
IMSS Version 7.0-Build_Linux_3216 N/A

STATISTICS

PERIOD: LAST 7 DAYS

SUMMARY

Scanning Conditions Total %
Malicious code 2 0%
Spyware/grayware 0 0%
Spam 17630 24.89%
Phish 0 0%
Attachment 0 0%
Size 0 0%
Content 246 0.35%
Others 0 0%
Scanning exceptions 1 0%

GRAPHS – PERIOD 26/12/2010 TO 01/01/2011

Spam by Action

Spam Actions

Detections Message % Size (MB)

Total spam message count 62948 100.00 140.524

Quarantined 19705 31.30 140.524

Deleted 0 0.00 0.000

Tagged 19705 31.30 140.524

Other 0 0.00 0.000

Rejected by NRS 43243 68.70 N/A

Rejected by IP Profiler 0 0.00 N/A

Top 10 Spam Recipients

Recipient Total Message Count Total Spam Msgs Spam Msgs % Spam Size (MB) Spam Size %
[email protected] 218 154 70.64 0.929
[email protected] 168 135 80.36 0.890
[email protected] 210 133 63.33 2.322
[email protected] 169 132 78.11 0.804
[email protected] 240 123 51.25 0.728
[email protected] 163 121 74.23 1.003
[email protected] 185 120 64.86 2.106
[email protected] 146 113 77.40 0.986
[email protected] 137 113 82.48 0.415 30.36
[email protected] 127 112 88.19 1.029 70.84

Virus and Malicious Code Summary

Detections Message %

Total detections 3 100.00

Messages deleted 0 0.00

Messages quarantined 3 100.00

Attachments cleaned 0 0.00

Messages with attachments deleted 1 33.33

Messages blocked by IP Profiler 0 0.00

Top 10 Virus and Malicious Code Detections

1 PAK_Generic.001 2
2 Possible_Virus 1
3 N/A 0
4 N/A 0
5 N/A 0
6 N/A 0
7 N/A 0
8 N/A 0
9 N/A 0
10 N/A 0

Top 10 Virus Recipients

Recipient Total Message Count Total Virus Msgs Virus Msgs % Virus Size (MB) Virus Size %
[email protected] 25 2 8.00 4.225
[email protected] 1 1 100.00 0.698 100.00
3 N/A 0 0 0.00 0.000 0.00
4 N/A 0 0 0.00 0.000 0.00
5 N/A 0 0 0.00 0.000 0.00
6 N/A 0 0 0.00 0.000 0.00
7 N/A 0 0 0.00 0.000 0.00
8 N/A 0 0 0.00 0.000 0.00
9 N/A 0 0 0.00 0.000 0.00
10 N/A 0 0 0.00 0.000 0.00

CACTI – Graphs

Period from 20/12/2010 to 27/12/2010

UEMFS

UEMICA

UEMNOTES

UEMPRD

UEMRMSA

Nagios

Availability – last 7 days

Host Service % Time OK % Time Warning % Time Unknown % Time Critical % Time Undetermined
internet_embratel Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
link-juruti Rede_Ping 97.816% (97.816%) 0.000% (0.000%) 0.000% (0.000%) 2.184% (2.184%) 0.000%
link-riocapim Rede_Ping 95.439% (95.439%) 0.049% (0.049%) 0.000% (0.000%) 4.512% (4.512%) 0.000%
link-yamana Rede_Ping 99.385% (99.385%) 0.000% (0.000%) 0.000% (0.000%) 0.615% (0.615%) 0.000%
link-zambia Rede_Ping 78.027% (78.027%) 0.000% (0.000%) 0.000% (0.000%) 21.973% (21.973%) 0.000%
nagios_remoto Rede_Http 99.428% (99.428%) 0.000% (0.000%) 0.000% (0.000%) 0.572% (0.572%) 0.000%
router_intel Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
router_intel Rede_Telnet 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
site_embratel Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
storage-119 Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
storage-120 Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-B Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-C Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-D Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-E Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
switch-3com-F Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Local_Carga 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Local_Disk_Root 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Local_Processos 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Local_Users 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Rede_Http:82 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-adm Rede_SSH 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Carga 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Disk_Root 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Disk_backup 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Disk_bkpremoto 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Disk_ftp_pessoal 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Disk_ftp_public 27.488% (27.488%) 72.512% (72.512%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Disk_home_ponto 99.902% (99.902%) 0.000% (0.000%) 0.000% (0.000%) 0.098% (0.098%) 0.000%
uem-gw Local_Disk_home_restrito 27.484% (27.484%) 72.516% (72.516%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Processos 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Local_Users 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Rede_Dns 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Rede_Ftp 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Rede_Http:81 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Rede_SSH 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uem-gw Rede_Squid:3128 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemantspam-imss Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemantspam-imss Rede_TrendImss 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemantspam-imss Rede_TrendPolices 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemap-aplicacao Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uembdc Rede_Active Directory 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uembdc Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uembes-blackberry Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uembes-blackberry Rede_LotusDomino 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uembes-blackberry Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemdev Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemdev Rede_SAP 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemfs-fileserver Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemfs-fileserver Rede_NetBios 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemfs-fileserver Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemica-metaframe Rede_Http 99.955% (99.955%) 0.000% (0.000%) 0.000% (0.000%) 0.045% (0.045%) 0.000%
uemica-metaframe Rede_Metaframe 99.955% (99.955%) 0.000% (0.000%) 0.000% (0.000%) 0.045% (0.045%) 0.000%
uemica-metaframe Rede_Ping 99.955% (99.955%) 0.000% (0.000%) 0.000% (0.000%) 0.045% (0.045%) 0.000%
uemica-metaframe Rede_TS 99.955% (99.955%) 0.000% (0.000%) 0.000% (0.000%) 0.045% (0.045%) 0.000%
uemmine-database Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemmine-database Rede_Sql 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemnotes-correio Rede_Https 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemnotes-correio Rede_Ldap 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemnotes-correio Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemnotes-correio Rede_Smtp 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemprd Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemprd Rede_SAP 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
uemrmsa-database Rede_Oracle 99.906% (99.906%) 0.000% (0.000%) 0.000% (0.000%) 0.094% (0.094%) 0.000%
uemrmsa-database Rede_Ping 99.906% (99.906%) 0.000% (0.000%) 0.000% (0.000%) 0.094% (0.094%) 0.000%
uemvm-vmware Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
vm-isodoc Rede_Http 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
vm-isodoc Rede_Ping 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
vm-isodoc Rede_Postgresql 100.000% (100.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000% (0.000%) 0.000%
Average 97.530% (97.530%) 2.043% (2.043%) 0.000% (0.000%) 0.427% (0.427%) 0.000%

NTOP


Trend Micro - Office Scan

Update Status for Networked Computers

* items marked in yellow have the same version as the previous week

Top 10 Security Risk Statistics for Networked Computers

Virus/Malware Statistics:

Virus/Malware

Name Infections

HTML_IFRAME.AUO 13924

Mal_Otorun1 4009

PE_MABEZAT.B-O 3835

Mal_Sality 1607

TSC_GENCLEAN 1354

WORM_OTOIT.SMT 1182

TROJ_Generic.DIT 1098

PAK_Generic.001 996

TROJ_DLOADE.FF 975

Mal_Otorun2 957

Infected Computers

Name Detections Log

UEMMBB27 8264 View

UEMMBB202 5656 View

SAFETY 4101 View

UEMPABX 1134 View

UEMFS 706 View

UEMMBB312 447 View

UEMOP956 349 View

UEMOP509 265 View

UEMOP706 264 View


UEMOP954 260 View

Infection Source

Name Detections

192.168.9.242\ADMINISTRADOR 70

192.168.4.12\KEILLA REGINA 35

192.168.9.38\ADMINISTRADOR 34

\\192.168.0.133\GUEST 22

\\192.168.0.131\GUEST 21

RAR-29A45523705\ROTINARC 19

192.168.9.250\ADMINISTRADOR 16

\\[fe80::c5b5:9711:6e96:4124]\Guest 16

\\UEMZMSPL\Guest 16

\\UEMZMSPL\ANONYMOUS LOGON 16

Spyware/Grayware Statistics:

Spyware/Grayware

Name Infections

GRAY_Gen 171

SPYW_ARDAKEY 89

CRCK_KEYGEN 87

HKTL_ULTRASURF 77

GRAY_GEN.0Z1013S 71

ADW_SAVENOW.BO 29

HKTL_USURF 25

CRCK_JBEAN 22

GRAY_Sml 22

ADW_WEBDIR.AC 12

Infected Computers

Name Detections Log

UEMFS 217 View

UEMPABX 91 View

UEMICA 71 View

UEMOP964 47 View

UEMOP421 14 View

UEMMBB163 13 View

UEMMBB53 9 View

UEMOP416 5 View

UEMOP954 5 View

UEMMBB01 4 View