| EnServe Guides |
|
How To... |
The Security Report gives you some detailed information on what has been happening on your EnServe box.
Normally it is run via the Schedular once a week, mailing the summary to the security alias.
You can run it manually from the Admin login.
There are three options:
| sec | This runs the 'Quick' report, name resolution is switched off. This option looks at the rotated log files, that is it shows you the PREVIOUS weeks activity. |
| sec -R | This is the same as the report above except it will attempt where possible to 'resolve' IP Address to names. Name resolution is not that fast !! - This report may take some time. We recommend the weekly cron job should have the -R option. |
| sec -C | This is a 'Quick' report and is run on the CURRENT log files e.g. just the infomation in the logs since savelog has been run. (The Web Proxy section will be suppressed). |
Here are the sections of the report:
| Virus Scanner | Scanner in use Last time the definition files were updated |
|---|---|
| Mail Messages scanned | Number of messages scanned Number of Virus's trapped |
| General Mail Statistics | Summary of all in/out mail be sender, destination. |
| Junkbuster | Number of URL's processed by Junkbuster and number of ad's blocked. |
| TCP Wrapper - 1st Level Protection | The sites allowed remote access to the system. |
| IPF - 2nd Level Protection | This is a cryptic summary of all the rules (since last reboot) |
| Web Proxy Report | The web sites staff have been accessing. |
| Syslog | Qucik summary of anything 'weird' in the Syslog. |
| Blocked sites | Sites blocked by the 1st level protection and what they were trying to access. |
| Valid Users | Who was using what service. |
| IntraNet | Who has been accessing your INTRANET - that is local web pages. |
| IPF Details | A little cryptic report on what has come in/out of the firewall. |