Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi

The Web > Reporting > Client Malware Risk page is a security-related reporting page that can be used 
to monitor client malware risk activity. 

From the Client Malware Risk page, a system administrator can see which of their users are encountering 
the most blocks or warnings. Given the information gathered from this page, the administrator can click 
on the user link to view what this user doing on the web that makes them run into so many blocks or 
warnings and setting off more detections than the rest of the users on the network. 

Additionally, the Client Malware Risk page lists client IP addresses involved in frequent malware 
connections, as identified by the L4 Traffic Monitor (L4TM). A computer that connects frequently to 
malware sites may be infected with malware that is trying to connect to a central command and control 
server and should be disinfected. 

 shows the Client Malware Risk page. 

A trojan phisher may sit on an infected computer waiting for a specific web 
page to be visited or may scan the infected machine looking for user names and 
passwords for bank sites, auction sites, or online payment sites.

A virus is a program or piece of code that is loaded onto your computer without 
your knowledge and runs against your wishes.

A worm is program or algorithm that replicates itself over a computer network 
and usually performs malicious actions.