ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
System Logs and Error Messages C-15
v1.0, September 2009
IPS Logs
This section describes logs that are generated when traffic matches IPS rules.
Port Scan Logs
This section describes logs that are generated when ports are scanned.
Instant Messaging/Peer-to-Peer Logs
This section describes logs that are generated when the UTM filters instant messaging and peer-to-peer traffic.
Table C-23. Content Filtering and Security Logs: IPS
Message: 2008-12-31 23:59:37 drop TCP 192.168.1.2 3496 192.168.35.165 8081 WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt
Explanation: Logs that are generated when traffic matches IPS rules. The message shows the date and time, action that is taken, protocol, client IP address, client port number, server IP address, server port number, IPS category, and reason for the action.
Recommended Action: None
Table C-24. Content Filtering and Security Logs: Port Scan
Message: 2008-12-31 23:59:12 192.168.1.10 192.168.35.160 5 10 1 18:188 UDP Portscan
Explanation: Logs that are generated when port scans are detected. The message shows the date and time, client IP address, server IP address, connection number, IP number, port number, port range, and details.
Recommended Action: None
Table C-25. Content Filtering and Security Logs: Instant Messaging/Peer-to-Peer
Message: 2008-12-31 23:59:31 0 block 1 8800115 2 TCP 192.168.1.2 543 65.54.239.210 1863 MSN login attempt
Explanation: Logs that are generated when an IM/P2P traffic violation occurs. The message shows the date and time, action that is taken, protocol, client IP address, client port number, server IP address, server port number, IM/P2P category, and reason for the action.
Recommended Action: None
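
The following Python parser is an added example, not code from the manual: it splits the IPS and port scan messages of Tables C-23 and C-24 into the fields their Explanation rows list, and rejects lines whose addresses, ports, or timestamps are impossible. The function name parse_utm_log is hypothetical, and treating the single token after the server port as the IPS category (with the remainder as the reason) is an assumption the manual does not spell out.

```python
import ipaddress
import re
from datetime import datetime

# Sample messages copied from Tables C-23 and C-24, joined onto one line.
IPS_SAMPLE = ("2008-12-31 23:59:37 drop TCP 192.168.1.2 3496 192.168.35.165 8081 "
              "WEB-CGI Trend Micro OfficeScan CGI password decryption buffer overflow attempt")
PORTSCAN_SAMPLE = "2008-12-31 23:59:12 192.168.1.10 192.168.35.160 5 10 1 18:188 UDP Portscan"

TS = r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})"
IP = r"\d{1,3}(?:\.\d{1,3}){3}"

# Field order follows the Explanation rows; category = one token (assumption).
IPS_RE = re.compile(
    rf"^{TS} (?P<action>\S+) (?P<protocol>\S+) "
    rf"(?P<client_ip>{IP}) (?P<client_port>\d+) "
    rf"(?P<server_ip>{IP}) (?P<server_port>\d+) "
    rf"(?P<category>\S+) (?P<reason>.+)$")
PORTSCAN_RE = re.compile(
    rf"^{TS} (?P<client_ip>{IP}) (?P<server_ip>{IP}) "
    rf"(?P<connection_number>\d+) (?P<ip_number>\d+) (?P<port_number>\d+) "
    rf"(?P<port_range>\d+:\d+) (?P<details>.+)$")

def parse_utm_log(line):
    """Return (kind, fields) for an IPS or port scan message, or None if malformed."""
    line = " ".join(line.split())  # undo line wrapping and repeated spaces
    for kind, pattern in (("ips", IPS_RE), ("portscan", PORTSCAN_RE)):
        m = pattern.match(line)
        if not m:
            continue
        rec = m.groupdict()
        try:
            rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S")
            for key in ("client_ip", "server_ip"):
                rec[key] = ipaddress.ip_address(rec[key])
            for key in ("client_port", "server_port"):
                if key in rec:
                    rec[key] = int(rec[key])
                    if not 0 <= rec[key] <= 65535:
                        raise ValueError(key)
        except ValueError:
            return None  # right shape, impossible value (e.g. octet 999)
        return kind, rec
    return None  # neither layout matched
```

Lines in any other layout return None instead of being forced into one of these two schemas, so a log pipeline can route them to a review queue.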