Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
6-27
Cisco ASA Series 명령 참조, S 명령      
 
6      show ddns update interface through show environmentevent manager 명령
  show dynamic-filter reports infected-hosts     
다음은 show dynamic-filter reports infected hosts all 명령의 샘플 출력입니다.
ciscoasa# show dynamic-filter reports infected-hosts all
Total 2 infected-hosts in buffer
Host (interface)                        Latest malicious conn time, filter action  Conn logged, dropped
=======================================================================================================
192.168.1.4 (internal)                  15:39:40 UTC Sep 17 2009, dropped                    3      3
Malware-sites connected to (not ordered)
Site                       Latest conn port, time, filter action   Conn logged, dropped Threat-level Category
-------------------------------------------------------------------------------------------------------
10.73.210.27 (bad.example.com)     80, 15:39:31 UTC Sep 17 2009, dropped      2   2     very-high Malware
10.65.2.119 (bad2.example.com)     0, 15:39:40 UTC Sep 17 2009, dropped       1   1     very-high admin-added
=======================================================================================================
192.168.1.2 (internal)                  15:39:01 UTC Sep 17 2009, dropped                    5      5
Malware-sites connected to (not ordered)
Site                       Latest conn port, time, filter action   Conn logged, dropped Threat-level Category
-------------------------------------------------------------------------------------------------------
10.131.36.158 (bad.example.com)    0, 15:37:46 UTC Sep 17 2009, dropped      1    1    very-high admin-added
10.65.2.119 (bad2.example.com)     0, 15:37:53 UTC Sep 17 2009, dropped      1    1   very-high  admin-added
20.73.210.27 (bad3.example.com)   80, 15:39:01 UTC Sep 17 2009, dropped      3    3   very-high  Malware
=======================================================================================================
Last clearing of the infected-hosts report: Never
관련 명령
명령
설명
address
차단 목록 또는 허용 목록에 IP 주소를 추가합니다. 
clear configure dynamic-filter
실행 중인 봇네트 트래픽 필터 컨피그레이션을 지웁니다.
clear dynamic-filter 
dns-snoop
봇네트 트래픽 필터 DNS 스누핑 데이터를 지웁니다.
clear dynamic-filter reports 
봇네트 트래픽 필터 보고서 데이터를 지웁니다.
clear
 dynamic-filter statistics
봇네트 트래픽 필터 통계를 지웁니다.
dns domain-lookup
ASA에서 DNS 요청을 DNS 서버로 보내 지원되는 명령에 대한 이
름 조회를 수행할 수 있도록 합니다.
dns server-group
ASA의 DNS 서버를 식별합니다.
dynamic-filter 
ambiguous-is-black
작업을 위해 유보 목록(greylist)의 트래픽을 차단 목록의 트래픽
으로 처리합니다.
dynamic-filter blacklist
봇네트 트래픽 필터 차단 목록을 수정합니다.
dynamic-filter database fetch
봇네트 트래픽 필터 동적 데이터베이스를 수동으로 검색합니다.
dynamic-filter database find
동적 데이터베이스에서 도메인 이름 또는 IP 주소를 검색합니다. 
dynamic-filter database purge
봇네트 트래픽 필터 동적 데이터베이스를 수동으로 삭제합니다.
dynamic-filter drop blacklist
차단 목록의 트래픽을 자동으로 삭제합니다.
dynamic-filter enable
액세스 목록을 지정하지 않은 모든 트래픽 또는 트래픽의 클래스
에 봇네트 트래픽 필터를 사용합니다. 
dynamic-filter updater-client 
enable
동적 데이터베이스 다운로드를 활성화합니다.
dynamic-filter use-database
동적 데이터베이스 사용을 활성화합니다.
dynamic-filter whitelist
봇네트 트래픽 필터 허용 목록을 수정합니다.