Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160
5-41
AsyncOS 8.3.5 for Cisco Content Security Management User Guide
Chapter 5 Using Centralized Web Reporting and Tracking
Web Tracking
Searching for Transactions Processed by the L4 Traffic Monitor
The L4 Traffic Monitor tab on the Web > Reporting > Web Tracking page provides details about
connections to malware sites and ports. You can search for connections to malware sites by the following
types of information:
connections to malware sites and ports. You can search for connections to malware sites by the following
types of information:
•
Time range
•
IP address of the machine that initiated the transaction (IPv4 or IPv6)
•
Domain or IP address of the destination website (IPv4 or IPv6)
•
Port
Commercial System
Monitor
Monitor
A commercial system monitor is a piece of software with system monitor
characteristics that can be obtained with a legitimate license through legal
means.
characteristics that can be obtained with a legitimate license through legal
means.
Dialer
A dialer is a program that utilizes your modem or another type of Internet access
to connect you to a phone line or a site that causes you to accrue long distance
charges to which you did not provide your full consent.
to connect you to a phone line or a site that causes you to accrue long distance
charges to which you did not provide your full consent.
Generic Spyware
Spyware is a type of malware installed on computers that collects small pieces
of information about users without their knowledge.
of information about users without their knowledge.
Hijacker
A hijacker modifies system settings or any unwanted changes to a user’s system
that may direct them to a website or run a program without a users consent.
that may direct them to a website or run a program without a users consent.
Known Malicious
and High-Risk Files
and High-Risk Files
These are files that were identified as threats by the Advanced Malware
Protection file reputation service.
Protection file reputation service.
Other Malware
This category is used to catch all other malware and suspicious behavior that
does not exactly fit in one of the other defined categories.
does not exactly fit in one of the other defined categories.
Phishing URL
A phishing URL is displayed in the browser address bar. In some cases, it
involves the use of domain names and resembles those of legitimate domains.
involves the use of domain names and resembles those of legitimate domains.
PUA
Potentially Unwanted Application. A PUA is an application that is not
malicious, but may be considered to be undesirable.
malicious, but may be considered to be undesirable.
System Monitor
A system monitor encompasses any software that performs one of the
following:
following:
•
Overtly or covertly records system processes and/or user action.
•
Makes those records available for retrieval and review at a later time.
Trojan Downloader
A trojan downloader is a Trojan that, after installation, contacts a remote
host/site and installs packages or affiliates from the remote host.
host/site and installs packages or affiliates from the remote host.
Trojan Horse
A trojan horse is a destructive program that masquerades as a benign
application. Unlike viruses, Trojan horses do not replicate themselves.
application. Unlike viruses, Trojan horses do not replicate themselves.
Trojan Phisher
A trojan phisher may sit on an infected computer waiting for a specific web page
to be visited or may scan the infected machine looking for user names and
passwords.
to be visited or may scan the infected machine looking for user names and
passwords.
Virus
A virus is a program or piece of code that is loaded onto your computer without
your knowledge.
your knowledge.
Worm
A worm is program or algorithm that replicates itself over a computer network
and performs malicious actions.
and performs malicious actions.
Malware Type
Description