Cisco Email Security Appliance C170 User Guide

User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
 
Chapter 39      Logging
  Log Types
Initialization of File Reputation and File Analysis Servers
Wed Oct 5 15:17:31 2016 Info: File reputation service initialized successfully
Wed Oct 5 15:17:31 2016 Info: The following file type(s) can be sent for File Analysis: Microsoft Windows / DOS Executable, Microsoft Office 97-2004 (OLE), Microsoft Office 2007+ (Open XML), Other potentially malicious file types, Adobe Portable Document Format (PDF). To allow analysis of new file type(s), go to Security Services > File Reputation and Analysis.
Wed Oct 5 15:17:31 2016 Info: File Analysis service initialized successfully

File Reputation Server Not Configured
Tue Oct 4 23:15:24 2016 Warning: MID 12 reputation query failed for attachment 'Zombies.pdf' with error "Cloud query failed"

Initialization of File Reputation Query
Fri Oct 7 09:44:04 2016 Info: File reputation query initiating. File Name = 'mod-6.exe', MID = 5, File Size = 1673216 bytes, File Type = application/x-dosexec

Response Received for File Reputation Query from File Reputation Server
Fri Oct 7 09:44:06 2016 Info: Response received for file reputation query from Cloud. File Name = 'mod-6.exe', MID = 5, Disposition = MALICIOUS, Malware = W32.061DEF69B5-100.SBX.TG, Reputation Score = 73, sha256 = 061def69b5c100e9979610fa5675bd19258b19a7ff538b5c2d230b467c312f19, upload_action = 2

Statistic    Description
File Name    The name of the file whose SHA-256 hash identifier is sent to the file reputation server. If the file name is not available, it is termed as unknown.
MID          The Message ID used to track messages that flow through the email pipeline.
File Size    The size of the file whose SHA-256 hash identifier is sent to the file reputation server.
File Type    The type of the file whose SHA-256 hash identifier is sent to the file reputation server. Following are the supported file types:
             Microsoft Windows / DOS Executable
             Microsoft Office 97-2004 (OLE)
             Microsoft Office 2007+ (Open XML)
             Other potentially malicious file types
             Adobe Portable Document Format (PDF)
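
The query and response entries shown above share the MID and File Name fields, so they can be paired to recover the verdict, the SHA-256 hash and the cloud round-trip time for each attachment. The Python parser below is an added example, not part of the Cisco guide: the names parse_entry and correlate are hypothetical, and it assumes each entry occupies a single line in the real log file (the sample entries are the ones on this page, unwrapped).

```python
import re
from datetime import datetime

# Entries from this page, each joined onto one line (assumption: the wrapping
# in the guide is a print artifact and real log entries are single lines).
SAMPLE_LOG = """\
Tue Oct 4 23:15:24 2016 Warning: MID 12 reputation query failed for attachment 'Zombies.pdf' with error "Cloud query failed"
Fri Oct 7 09:44:04 2016 Info: File reputation query initiating. File Name = 'mod-6.exe', MID = 5, File Size = 1673216 bytes, File Type = application/x-dosexec
Fri Oct 7 09:44:06 2016 Info: Response received for file reputation query from Cloud. File Name = 'mod-6.exe', MID = 5, Disposition = MALICIOUS, Malware = W32.061DEF69B5-100.SBX.TG, Reputation Score = 73, sha256 = 061def69b5c100e9979610fa5675bd19258b19a7ff538b5c2d230b467c312f19, upload_action = 2
"""

ENTRY = re.compile(r"^(\w{3} \w{3} +\d{1,2} [\d:]{8} \d{4}) (\w+): (.*)$")
FIELD = re.compile(r"([A-Za-z][\w ]*?) = ('[^']*'|[^,]+)")
FAILED = re.compile(r"MID (\d+) reputation query failed for attachment '(.*)' with error \"(.*)\"$")
KINDS = {"File reputation query initiating": "query",
         "Response received for file reputation query": "response"}

def parse_entry(line):
    """Return one log entry as a dict, or None if the line is not an entry."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    ts, level, msg = m.groups()
    rec = {"time": datetime.strptime(ts, "%a %b %d %H:%M:%S %Y"), "level": level}
    rec["kind"] = next((k for p, k in KINDS.items() if msg.startswith(p)), "other")
    failed = FAILED.search(msg)
    if failed:
        rec.update({"kind": "failed", "MID": failed[1],
                    "File Name": failed[2], "error": failed[3]})
    elif rec["kind"] != "other":
        # File names are sender-controlled; treat every parsed value as untrusted.
        for key, value in FIELD.findall(msg):
            rec[key] = value.strip().strip("'")
    return rec

def correlate(text):
    """Pair each response with its query by (MID, File Name); collect failures."""
    pending, verdicts, failures = {}, [], []
    for rec in filter(None, map(parse_entry, text.splitlines())):
        key = (rec.get("MID"), rec.get("File Name"))
        if rec["kind"] == "query":
            pending[key] = rec
        elif rec["kind"] == "response":
            query = pending.pop(key, None)
            rec["seconds"] = (rec["time"] - query["time"]).total_seconds() if query else None
            verdicts.append(rec)
        elif rec["kind"] == "failed":
            failures.append(rec)
    return verdicts, failures
```

Run on the sample, correlate(SAMPLE_LOG) returns one verdict for mod-6.exe with a two-second round trip and one failed query for MID 12.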

Statistic    Description
File Name    The name of the file whose SHA-256 hash identifier is sent to the file reputation server. If the file name is not available, it is termed as unknown.
MID          The message ID used to track messages that flow through the email pipeline.