U&M Weekly Report - InvestLinux – 17/12/2012
Uptime / Last OK
Disk Space OK
Dmesg OK
Logs OK
Antivirus DAT OK
Top - Memory / Processes / Load OK
Processes OK
Open TCP/UDP Ports OK
MRTG - Traffic OK
MRTG - Processor OK
Ipaudit Daily OK
Ipaudit Weekly OK
Squid Reports - TopSites OK
Squid Reports - TopUsers OK
Nagios - HTTP Availability 100,00%
Nagios - SMTP Availability 99,95%
Uptime / Last
Uptime (server online time) / Last (remote connections)
[root@uem-gw]# uptime
07:28:38 up 83 days, 21:42, 1 user, load average: 0.81, 0.58, 0.56
[root@uem-gw]# last | sort -k 3 | more
uem ftpd27417 177.87.162.114 Wed Dec 5 01:48 - 01:48 (00:00)
uem ftpd27418 177.87.162.114 Wed Dec 5 01:48 - 01:58 (00:10)
uem ftpd27495 177.87.162.114 Wed Dec 5 01:50 - 01:50 (00:00)
il-adm pts/0 187.109.112.9 Fri Dec 7 09:35 - 09:55 (00:19)
il-adm pts/0 187.109.112.9 Mon Dec 10 07:40 - 16:24 (08:44)
il-adm pts/1 187.109.112.9 Mon Dec 10 11:39 - 13:26 (01:47)
il-adm pts/0 187.109.112.9 Mon Dec 17 07:28 still logged in
il-adm pts/0 187.109.112.9 Mon Dec 3 14:57 - 17:23 (02:26)
il-adm pts/0 187.109.112.9 Mon Dec 3 19:44 - 22:34 (02:49)
il-adm pts/0 187.109.112.9 Mon Dec 3 23:08 - 23:32 (00:24)
il-adm pts/0 187.109.112.9 Thu Dec 13 15:55 - 17:50 (01:55)
il-adm pts/0 187.109.112.9 Thu Dec 6 11:17 - 11:38 (00:21)
il-adm pts/0 187.109.112.9 Thu Dec 6 14:45 - 22:50 (08:04)
il-adm pts/2 187.109.112.9 Thu Dec 6 16:03 - 22:50 (06:46)
il-adm pts/0 187.109.112.9 Tue Dec 11 11:24 - 14:16 (02:51)
il-adm pts/0 187.109.112.9 Tue Dec 11 16:52 - 17:23 (00:31)
il-adm pts/1 187.109.112.9 Tue Dec 11 16:54 - 17:23 (00:29)
il-adm pts/0 187.109.112.9 Tue Dec 4 16:13 - 17:18 (01:05)
il-adm pts/0 187.109.112.9 Wed Dec 12 15:20 - 16:15 (00:55)
il-adm pts/0 187.109.112.9 Wed Dec 5 18:43 - 21:46 (03:03)
il-adm pts/1 187.109.112.9 Wed Dec 5 18:49 - 21:46 (02:57)
uem ftpd25323 189.3.236.211 Fri Dec 14 08:26 - 08:36 (00:09)
uem ftpd31708 189.3.236.211 Fri Dec 14 17:40 - 17:50 (00:10)
uem ftpd3022 189.3.236.211 Fri Dec 14 17:52 - 17:52 (00:00)
uem ftpd3026 189.3.236.211 Fri Dec 14 17:53 - 17:53 (00:00)
uem ftpd4193 189.3.236.211 Mon Dec 3 09:05 - 09:05 (00:00)
uem ftpd4209 189.3.236.211 Mon Dec 3 09:06 - 09:16 (00:10)
uem ftpd7920 189.3.236.211 Mon Dec 3 09:23 - 09:24 (00:00)
uem ftpd7922 189.3.236.211 Mon Dec 3 09:24 - 09:26 (00:02)
uem ftpd8486 189.3.236.211 Mon Dec 3 09:30 - 09:36 (00:05)
uem ftpd15802 189.3.236.211 Mon Dec 3 10:27 - 10:37 (00:10)
uem ftpd16664 189.3.236.211 Mon Dec 3 10:42 - 10:47 (00:05)
uem ftpd18170 189.3.236.211 Mon Dec 3 11:12 - 11:22 (00:10)
uem ftpd10457 189.3.236.211 Mon Dec 3 14:46 - 14:56 (00:10)
uem ftpd11320 189.3.236.211 Mon Dec 3 15:01 - 15:06 (00:04)
uem ftpd12521 189.3.236.211 Mon Dec 3 15:16 - 15:26 (00:10)
uem ftpd16860 189.3.236.211 Mon Dec 3 15:34 - 15:36 (00:01)
uem ftpd3831 189.3.236.211 Sat Dec 1 10:56 - 10:56 (00:00)
uem ftpd3854 189.3.236.211 Sat Dec 1 10:56 - 11:06 (00:10)
uem ftpd4489 189.3.236.211 Sat Dec 1 11:09 - 11:16 (00:07)
uem ftpd10366 189.3.236.211 Sat Dec 1 11:35 - 11:45 (00:10)
uem ftpd18980 189.3.236.211 Sat Dec 1 12:55 - 13:05 (00:10)
uem ftpd24515 189.3.236.211 Sat Dec 1 17:48 - 18:00 (00:12)
uem ftpd24970 189.3.236.211 Sat Dec 1 17:58 - 18:00 (00:01)
Disk Space
[root@uem-gw]# df -h
Sist. Arq. Tam Usad Disp Uso% Montado em
/dev/sda3 38G 28G 7,9G 78% /
varrun 1014M 268K 1014M 1% /var/run
varlock 1014M 0 1014M 0% /var/lock
udev 1014M 52K 1014M 1% /dev
devshm 1014M 0 1014M 0% /dev/shm
/dev/sdb1 50G 21G 27G 45% /backup
/dev/sda1 471M 140M 308M 32% /boot
//192.168.0.105/Pessoal 20G 16G 4,1G 80% /ftp/Pessoal
//192.168.0.105/Public 200G 169G 32G 85% /ftp/Public
//192.168.0.105/Restrito 200G 169G 32G 85% /home/Restrito
//192.168.0.100/CorporeRM 47G 23G 25G 48% /home/ponto
//192.168.0.105/BKP-linux 30G 17G 14G 55% /backup-remoto
Dmesg
Dmesg – Console alerts (possible disk, network, and general hardware errors)
- No relevant information -
Logs
Cursory check of the system logs: ( syslog(tmsys) / secure(tms) / squid(tmsq) )
Antivirus DAT
[root@uem-gw]# freshclam
ClamAV update process started at Mon Dec 17 07:45:53 2012
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 15866, sigs: 345564, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 208, sigs: 41, f-level: 63, builder: neo)
Previous week:
ClamAV update process started at Mon Dec 10 07:48:17 2012
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 15708, sigs: 297527, f-level: 63, builder: jesler)
bytecode.cld is up to date (version: 203, sigs: 40, f-level: 63, builder: neo)
Top - Memory / Processes / Load
- No relevant information -
Processes
- No relevant information -
Open TCP/UDP Ports
[root@uem-gw]# netstat -ap | grep LISTEN | grep -v STREAM
tcp 0 0 localhost:60000 *:* LISTEN 6846/postgrey.pid -
tcp 0 0 192.168.0.1:5666 *:* LISTEN 3742/nrpe
tcp 0 0 *:10050 *:* LISTEN 9156/zabbix_agentd
tcp 0 0 localhost:zebra *:* LISTEN 9546/zebra
tcp 0 0 *:rsync *:* LISTEN 7421/rsync
tcp 0 0 localhost:mysql *:* LISTEN 6726/mysqld
tcp 0 0 localhost:bgpd *:* LISTEN 9550/bgpd
tcp 0 0 *:webmin *:* LISTEN 9186/perl
tcp 0 0 *:81 *:* LISTEN 19765/apache2
tcp 0 0 *:bgp *:* LISTEN 9550/bgpd
tcp 0 0 *:ftp *:* LISTEN 1602/proftpd: (acce
tcp 0 0 200.199.9.234:domain *:* LISTEN 18612/named
tcp 0 0 200.216.228.210:domain *:* LISTEN 18612/named
tcp 0 0 177.38.168.1:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.29:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.27:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.25:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.23:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.21:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.19:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.17:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.15:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.13:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.11:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.9:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.7:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.3:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.5:domain *:* LISTEN 18612/named
tcp 0 0 10.0.0.1:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.28:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.29:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.12:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.50:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.11:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.10:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.9:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.8:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.7:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.6:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.4:domain *:* LISTEN 18612/named
tcp 0 0 200.243.57.3:domain *:* LISTEN 18612/named
tcp 0 0 correio.uem.com.:domain *:* LISTEN 18612/named
tcp 0 0 uemnotes.uem.com:domain *:* LISTEN 18612/named
tcp 0 0 192.168.0.2:domain *:* LISTEN 18612/named
tcp 0 0 192.168.0.1:domain *:* LISTEN 18612/named
tcp 0 0 localhost:domain *:* LISTEN 18612/named
tcp 0 0 *:ssh *:* LISTEN 854/sshd
tcp 0 0 *:3128 *:* LISTEN 5515/(squid)
tcp 0 0 *:smtp *:* LISTEN 7400/master
tcp 0 0 *:1723 *:* LISTEN 7408/pptpd
tcp6 0 0 [::]:rsync [::]:* LISTEN 7421/rsync
tcp6 0 0 [::]:bgp [::]:* LISTEN 9550/bgpd
tcp6 0 0 [::]:domain [::]:* LISTEN 18612/named
tcp6 0 0 [::]:ssh [::]:* LISTEN 854/sshd
tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 18612/named
Note: In the fourth column, the command shows, preferably, the service name after the “:” character.
root@uem-gw:~# netstat -nap | grep LISTEN | grep -v STREAM
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 6846/postgrey.pid -
tcp 0 0 192.168.0.1:5666 0.0.0.0:* LISTEN 3742/nrpe
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 9156/zabbix_agentd
tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 9546/zebra
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 7421/rsync
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 6726/mysqld
tcp 0 0 127.0.0.1:2605 0.0.0.0:* LISTEN 9550/bgpd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 9186/perl
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 19765/apache2
tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN 9550/bgpd
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 1602/proftpd: (acce
tcp 0 0 200.199.9.234:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.216.228.210:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 177.38.168.1:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.29:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.27:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.25:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.23:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.21:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.19:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.17:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.15:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.13:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.11:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.9:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.7:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.3:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.5:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 10.0.0.1:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.28:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.29:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.12:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.50:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.11:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.10:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.9:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.8:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.7:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.6:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.4:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.3:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.2:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 200.243.57.5:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 192.168.0.2:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 18612/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 854/sshd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 5515/(squid)
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 18612/named
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 7400/master
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7408/pptpd
tcp6 0 0 :::873 :::* LISTEN 7421/rsync
tcp6 0 0 :::179 :::* LISTEN 9550/bgpd
tcp6 0 0 :::53 :::* LISTEN 18612/named
tcp6 0 0 :::22 :::* LISTEN 854/sshd
tcp6 0 0 ::1:953 :::* LISTEN 18612/named
Note: In the fourth column, the command shows the service port after the “:” character.
MRTG - Traffic*
Internet – eth1
Embratel Router
Oi Link – eth2
VPN Yamana – tun1
VPN Juruti
VPN Rio Capim – tun4
VPN Zâmbia – tun6
VPN Carajás – tun7
Jangada Router – 189.52.77.26
UeM ADM – CPU Utilization
UeM ADM – Load
UeM GW – CPU Utilization
UeM GW – Load
*The graphs were compared with those of the previous week. When there is a significant change, the possible problem is analyzed and reported as a note below the graph. Graphs without comments were considered normal. If you would like an analysis of a specific one, just ask.
Ipaudit Daily
- No relevant information -
Ipaudit Weekly (Top 10)
IP Host Name Incoming (bytes) Outgoing (bytes) Total (bytes)
200.243.057.002 correio.uem.com.br 85,635,867,736 35,744,978,603 121,380,846,339
200.243.057.005 uemnotes.uem.com.br 24,246,165,353 66,079,639,296 90,325,804,649
192.168.000.001 - 16,020,528,158 36,460,278,764 52,480,806,922
192.168.000.065 - 14,552,250,921 16,259,641,146 30,811,892,067
200.243.057.011 - 19,803,952,109 7,528,520,239 27,332,472,348
200.243.057.008 - 17,381,931,363 9,863,251,736 27,245,183,099
192.168.000.099 - 15,495,730,250 10,287,106,752 25,782,837,002
192.168.000.042 - 12,336,807,984 7,426,010,062 19,762,818,046
192.168.000.103 uemnotes.uem.com.br 6,869,941,551 8,704,043,700 15,573,985,251
192.168.000.107 uemantspam.uem.com.br 4,525,614,500 2,058,602,727 6,584,217,227
Squid Reports Weekly – 09/12/2012 to 15/12/2012
Squid Reports – TopSites
NUM ACCESSED SITE CONNECT BYTES TIME
1 au.download.windowsupdate.com 300.67K 9.93G 931.06M
2 s.glbimg.com 262.59K 932.77M 85.00M
3 osce80-en.url.trendmicro.com 200.52K 135.92M 78.65M
4 s2.glbimg.com 192.81K 786.03M 99.86M
5 www.google-analytics.com 59.66K 41.56M 9.30M
6 www.google.com 52.38K 1.14G 137.43M
7 download.windowsupdate.com 49.60K 1.06G 189.73M
8 mail.yimg.com 44.47K 165.49M 31.25M
9 www.google.com.br 41.06K 525.43M 68.99M
10 ads.img.globo.com 37.99K 166.18M 30.13M
11 pagead2.googlesyndication.com 34.29K 359.28M 34.17M
12 clients1.google.com.br 34.06K 27.65M 9.20M
13 ads.globo.com 32.26K 29.02M 5.15M
14 www.receita.fazenda.gov.br 32.10K 289.80M 187.77M
15 oss-content.securestudies.com 30.21K 8.63M 15.70M
16 l.yimg.com 29.48K 152.54M 35.53M
17 googleads.g.doubleclick.net 23.87K 76.10M 14.22M
18 www.beforward.jp 23.49K 207.06M 69.89M
19 b.scorecardresearch.com 22.93K 11.07M 8.20M
20 ad.doubleclick.net 21.49K 33.48M 7.40M
Squid Reports – TopUsers
Squid Reports – Attempts to Access Improper Sites
ACCESSED SITE IP
www.assistatvonline.com 192.168.16.112
www.bigpenisguide.com 192.168.12.134
www.jfsexy.com.br 192.168.0.17
www.novinhacaiunanet.com 192.168.17.222
www.novinhasafada.com.br 192.168.17.222
www.tvonlinegratis.tv 192.168.16.112
Note 1: The expression “www.novinha” was added to the file /etc/squid/site_proibido.txt in order to block access to related sites.
Trend Micro - InterScan Messaging Security Suite
SYSTEM DATA
NAME CURRENT VERSION AVAILABLE PREVIOUS VERSION
Scan engine 9.700.1001 9.700.1001 9.700.1001
Virus pattern 9.599.00 9.599.00 9.585.00
Spyware/grayware pattern 1.355.00 1.355.00 1.353.00
IntelliTrap pattern 0.167.00 0.167.00 0.167.00
IntelliTrap exceptions 0.829.00 0.829.00 0.827.00
Anti-spam engine 6.800.1017 6.800.1017 6.800.1017
Spam pattern 19456.006 19456.006 19438.002
URL Filtering Engine 3.500.1047 3.000.1029 3.500.1047
GRAPHS – PERIOD 09/12/2012 TO 15/12/2012
Scanning Conditions Total Message % Incoming Outgoing
Total message count 103629 100.00 98568 5061
Virus or malicious code 0 0.00 0 0
Spyware/grayware 0 0.00 0 0
Spam 14126 13.63 14120 6
Phish 0 0.00 0 0
Suspicious URLs - Web Reputation 0 0.00 0 0
DKIM enforcement 0 0.00 0 0
Attachment 17 0.02 14 3
Size 0 0.00 0 0
Content 300 0.29 279 21
Compliance 0 0.00 0 0
Others 0 0.00 0 0
Scanning exceptions 1 0.00 1 0
Spam Tagged by Cloud Pre-Filter 0 0.00 0 0
IP Profiler 914 0.88 914 0
Email reputation 64127 61.88 64127 0
Clean email 24144 23.30 19113 5031
Trend Micro Email Encryption 0 0.00 0 0
Spam by Action
Spam Actions Detections Message % Size (MB)
Total spam message count 79167 100.00 265.265
Quarantined 14126 17.84 265.265
Deleted 0 0.00 0.000
Tagged 14125 17.84 265.263
Other 0 0.00 0.000
Rejected by Email reputation 64127 81.00 N/A
Rejected by IP Profiler 914 1.15 N/A
Top 10 Spam Recipients
Recipient Total Message Count Total Spam Msgs Spam Msgs % Spam Size (MB) Spam Size %
[email protected] 922 328 35.57 8.239
[email protected] 438 263 60.05 7.801
[email protected] 489 252 51.53 5.466
[email protected] 533 249 46.72 3.478
[email protected] 429 245 57.11 5.619
[email protected] 350 241 68.86 3.808
[email protected] 547 239 43.69 16.627
[email protected] 480 208 43.33 7.522
[email protected] 434 206 47.47 4.509 10.32
[email protected] 356 201 56.46 3.559 25.92
Virus and Malicious Code Summary
Detections Message %
Total detections 0 0.00
Messages deleted 0 0.00
Messages quarantined 0 0.00
Attachments cleaned 0 0.00
Messages with attachments deleted 0 0.00
Messages blocked by IP Profiler 0 0.00
Top 10 Virus and Malicious Code Detections
1 N/A 0
2 N/A 0
3 N/A 0
4 N/A 0
5 N/A 0
6 N/A 0
7 N/A 0
8 N/A 0
9 N/A 0
10 N/A 0
Top 10 Virus Recipients
Recipient Total Message Count Total Virus Msgs Virus Msgs % Virus Size (MB) Virus Size %
1 N/A 0 0 0.00 0.000 0.00
2 N/A 0 0 0.00 0.000 0.00
3 N/A 0 0 0.00 0.000 0.00
4 N/A 0 0 0.00 0.000 0.00
5 N/A 0 0 0.00 0.000 0.00
6 N/A 0 0 0.00 0.000 0.00
7 N/A 0 0 0.00 0.000 0.00
8 N/A 0 0 0.00 0.000 0.00
9 N/A 0 0 0.00 0.000 0.00
10 N/A 0 0 0.00 0.000 0.00
CACTI – Graphs
Period from 10/11/2012 to 17/12/2012
UEMFS
UEMICA
UEMNOTES
UEMPRD
*
UEMRMSA
Nagios
Availability – last 7 days
Host | Service | % Time OK | % Time Warning | % Time Unknown | % Time Critical | % Time Undetermined
internet_embratel | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
internet_oi | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
link-carajas | Rede_Ping | 58.034% (58.034%) | 0.000% (0.000%) | 0.000% (0.000%) | 41.966% (41.966%) | 0.000%
link-ebt-jangada | Rede_Ping | 98.552% (98.552%) | 0.000% (0.000%) | 0.000% (0.000%) | 1.448% (1.448%) | 0.000%
link-jangada | Rede_Ping | 85.127% (85.127%) | 0.000% (0.000%) | 0.000% (0.000%) | 14.873% (14.873%) | 0.000%
link-juruti | Rede_Ping | 85.790% (85.790%) | 0.000% (0.000%) | 0.000% (0.000%) | 14.210% (14.210%) | 0.000%
 | uem1_Rede_Ping | 86.388% (86.388%) | 0.000% (0.000%) | 0.000% (0.000%) | 13.612% (13.612%) | 0.000%
link-vlopes | Rede_Ping | 98.832% (98.832%) | 0.000% (0.000%) | 0.000% (0.000%) | 1.168% (1.168%) | 0.000%
 | uem1_Rede_Ping | 99.856% (99.856%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.144% (0.144%) | 0.000%
link-yamana | Rede_Ping | 99.430% (99.430%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.570% (0.570%) | 0.000%
 | uem1_Rede_Ping | 62.813% (62.813%) | 0.000% (0.000%) | 0.000% (0.000%) | 37.187% (37.187%) | 0.000%
link-zambia | Rede_Ping | 99.640% (99.640%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.360% (0.360%) | 0.000%
 | uem1_Rede_Ping | 99.869% (99.869%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.131% (0.131%) | 0.000%
nagios_remoto | Rede_Http | 99.729% (99.729%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.271% (0.271%) | 0.000%
 | uem1_Rede_Http | 99.916% (99.916%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.084% (0.084%) | 0.000%
router_cisco | Rede_Ping | 99.802% (99.802%) | 0.198% (0.198%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Telnet | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
storage-119 | Rede_Ping | 99.056% (99.056%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.944% (0.944%) | 0.000%
storage-120 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
switch-3com-B | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
switch-3com-C | Rede_Ping | 99.454% (99.454%) | 0.546% (0.546%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
switch-3com-D | Rede_Ping | 99.256% (99.256%) | 0.744% (0.744%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
switch-3com-E | Rede_Ping | 99.504% (99.504%) | 0.496% (0.496%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
switch-3com-F | Rede_Ping | 57.677% (57.677%) | 0.000% (0.000%) | 0.000% (0.000%) | 42.323% (42.323%) | 0.000%
uem-adm | Local_Carga | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Disk_Root | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Processos | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Users | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Http:82 | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_SSH | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uem-gw | Local_Carga | 99.851% (99.851%) | 0.149% (0.149%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Disk_Root | 99.952% (99.952%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.048% (0.048%) | 0.000%
 | Local_Disk_backup | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Disk_bkpremoto | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Disk_ftp_pessoal | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Disk_ftp_public | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Disk_home_ponto | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Disk_home_restrito | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Processos | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Local_Users | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Dns | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ftp | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Http:81 | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_SSH | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Squid:3128 | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Local_Disk_ftp_public | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Local_Disk_home_ponto | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uemantspam-imss | Rede_Ping | 99.010% (99.010%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.990% (0.990%) | 0.000%
 | Rede_SSH | 99.007% (99.007%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.993% (0.993%) | 0.000%
uemap-aplicacao | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uembes-blackberry | Rede_Http | 99.088% (99.088%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.912% (0.912%) | 0.000%
 | Rede_LotusDomino | 99.088% (99.088%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.912% (0.912%) | 0.000%
 | Rede_Ping | 97.105% (97.105%) | 0.496% (0.496%) | 0.000% (0.000%) | 2.398% (2.398%) | 0.000%
uemdev | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_SAP | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uemfs-fileserver | Rede_Http | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_NetBios | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_NetBios | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uemica-metaframe | Rede_Http | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Metaframe | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_TS | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Metaframe | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_TS | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uemmine-database | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Sql | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Sql | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uemnotes-correio | Rede_Http | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Https | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ldap | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Smtp | 99.951% (99.951%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.049% (0.049%) | 0.000%
 | uem1_Rede_Http | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Https | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Smtp | 99.901% (99.901%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.099% (0.099%) | 0.000%
uemprd | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_SAP | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_SAP | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uemrmsa-database | Rede_Oracle | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Oracle | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
uemvm-vmware | Rede_Ping | 99.034% (99.034%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.966% (0.966%) | 0.000%
vm-isodoc | Rede_Http | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | Rede_Postgresql | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Http | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Postgresql | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
vpn-server-mk-lan | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
vpn-server-mk-wan | Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
 | uem1_Rede_Ping | 100.000% (100.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000% (0.000%) | 0.000%
Average | | 98.152% (98.152%) | 0.027% (0.027%) | 0.000% (0.000%) | 1.821% (1.821%) | 0.000%
Trend Micro - Office Scan
Update Status for Networked Computers
* items highlighted in yellow have the same version as in the previous week
Top 10 Security Risk Statistics for Networked Computers
Virus/Malware Statistics:
Virus/Malware
Name Infections
TSC_GENCLEAN 2314
TSPY_ZBOT.SKA 924
TROJ_SPNR.19G412 784
TROJ_ZEROA.SM2 546
Mal_OtorunN 467
TROJ_SIREFEF.EM 376
RTKT_ZACESS.SM11 341
Mal_Siref32 334
TROJ_SIREFEF.DD 301
TROJ_SIREFEF.QA 277
Last reset:22/5/2012 16:11:20
Infected Computers
Name Detections Log
USER-HP 995 View
UEMFS 478 View
UEM-SAFETY 332 View
UEMOP917 289 View
HP24565236893 276 View
UEMOP507 141 View
UEMOP709 123 View
UEMOP511 116 View
UEMOP804 102 View
UEMOP935 100 View
Last reset:22/5/2012 16:11:49
Infection Source
Name Detections
HP-DISPATCH2\ADMINISTRATOR 1210
HP33671896628\EDWIN SIKAKENA 349
HP33671896628\OLIVER CHILESHE 105
HP33671896628\GILLY NYIRENDA 98
192.168.9.242\ADMINISTRADOR 70
HP33671896628\LOMBE CHOMBA 64
U-92CFD590AD0D4\MAINTENANCE 45
UEMDEV\UEMSOTREQ 37
192.168.4.12\KEILLA REGINA 35
192.168.9.38\ADMINISTRADOR 34
Spyware/Grayware Statistics:
Spyware/Grayware
Name Infections
CRCK_KEYGEN 46
HKTL_KEYGEN 32
ADW_BHO 14
ADW_SCANNER 12
HKTL_CRACKCF 10
HKTL_USURF 9
ADW_SOLIMBA 7
CRCK_PATCH 6
CRCK_PATCHER 6
CRCK_CRACK 5
Last reset:22/5/2012 16:11:57
Infected Computers
Name Detections Log
UEMOP984 23 View
UEMFS 14 View
UEMOP928 12 View
UEMMBB262 12 View
UEMOP932 11 View
UEMOP954 9 View
UEMOP511 8 View
UEMOP809 8 View
UEMOP979 7 View
UEMOP933 3 View
Last reset:22/5/2012 16:12:04