Companychasenetworks.com/airespring/agents/Airespring-SampleGMSReport.… · 5.4 52.6.111.117...

Created on: January 20, 201X 09:05 Powered By

CompanyWeekly GMS Report

Report Date: January 11, 201X - January 17, 201X

Table Of Contents

Firewall 3......................................................................................................................................................................SonicWall Name................................................................................................................................................. 3

Data Usage - Timeline ...................................................................................................................................................................................... 3Data Usage - Top Initiators ............................................................................................................................................................................... 4Data Usage - Top Responders ......................................................................................................................................................................... 5Web Activity - Top Sites ................................................................................................................................................................................... 6Web Activity - Top Initiators .............................................................................................................................................................................. 7Web Filter - Top Categories ............................................................................................................................................................................. 8Web Filter - Web Filter By Initiators ................................................................................................................................................................. 9Intrusions - Top Intrusions Detected ............................................................................................................................................................... 11Intrusions - Top Initiators ................................................................................................................................................................................ 12Gateway Viruses - Top Viruses Blocked ........................................................................................................................................................ 13Attacks - Top Attempts ................................................................................................................................................................................... 14Attacks - Top Targets ...................................................................................................................................................................................... 15Attacks - Top Initiators .................................................................................................................................................................................... 16

3 Powered By

FirewallSonicWall

Data Usage - Timeline: January 11, 201X - January 17, 201X

Timeline

Time Connections Transferred Cost

1 Jan 11, 201X 2,561,211 36.18 GB USD 370.532 Jan 12, 201X 2,514,811 33.49 GB USD 342.973 Jan 13, 201X 2,596,925 41.4 GB USD 423.954 Jan 14, 201X 2,476,341 34.95 GB USD 357.875 Jan 15, 201X 2,420,474 25.64 GB USD 262.586 Jan 16, 201X 2,145,872 24.64 GB USD 252.347 Jan 17, 201X 3,292,516 7.43 GB USD 76.11

Total: 18,008,150 203.74 GB USD 2,086.34

• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain

n.orlina

Placed Image

n.orlina

Placed Image

n.orlina

Placed Image

n.orlina

Placed Image

n.orlina

Placed Image

n.orlina

Placed Image

n.orlina

Placed Image

4 Powered By

Data Usage - Top Initiators: January 11, 201X - January 17, 201X

Initiators

Initiator IP Initiator Host User Connections Transferred

1 172.17.17.7 1,703,130 42.79 GB2 192.168.11.49 419,010 30.67 GB3 192.168.11.240 8,832 13.31 GB4 192.168.11.240 99,605 12.9 GB5 172.17.17.100 5,551 12.02 GB

Total: 2,236,128 111.69 GB


n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

5 Powered By

Data Usage - Top Responders: January 11, 201X - January 17, 201X

Responders

Responder IP Responder Host Connections Transferred

1 172.30.100.121 117,632 56.44 GB2 172.30.100.127 20 11.68 GB3 172.30.100.124 17,122 6.89 GB4 172.17.17.23 1,220,438 3.58 GB5 71.107.31.98 25 2.74 GB

Total: 1,355,237 81.34 GB


n.orlina

Line

n.orlina

Line

camchutil2k8.ci.camarillo.ca.us

mail.oasistechnology.com

6 Powered By

Web Activity - Top Sites: January 11, 201X - January 17, 201X

Sites

Site IP Site Name Category Browse Time Hits Transferred

1 172.30.100.121 N/A 48:02:06 115,284 28.87 GB2 17.253.27.204 iosapps.itunes.apple.com Information Techn

ology/Computers00:01:34 63 2.7 GB

3 23.216.10.107 wsus.ds.download.windowsupdate.comInformation Technology/Computers

00:20:24 816 2.69 GB

4 13.107.4.50 download.windowsupdate.comInformation Technology/Computers

01:02:07 2,485 2.41 GB

5 216.115.97.236 s.yimg.com Business and Economy

22:24:58 53,799 2.34 GB

Total: 172,447 39.01 GB


iosapps.itunes.apple.com

wsus.ds.download.windowsupdate.com

download.windowsupdate.com

s.yimg.com

7 Powered By

Web Activity - Top Initiators: January 11, 201X - January 17, 201X

Initiators

Initiator IP Initiator Host User Browse Time Hits Transferred

1 172.17.17.7 709:06:06 1,701,844

42.09 GB

2 192.168.11.49 163:48:04 393,123 29.7 GB3 192.168.11.70 09:55:24 23,816 6.75 GB4 172.17.17.23 08:07:12 19,488 3.83 GB

5 192.168.11.240 40:29:01 97,161 3.67 GB

Total: 2,235,432 86.05 GB


n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

8 Powered By

Web Filter - Top Categories: January 11, 201X - January 17, 201X

Categories

Category Attempts

1 Chat/Instant Messaging (IM) 7822 Games 3083 Personals and Dating 444 Pay to Surf Sites 375 Hacking/Proxy Avoidance Systems 32

Total: 1,203


9 Powered By

Web Filter - Web Filter By Initiators: January 11, 201X - January 17, 201X

Web Filter By Initiators

Initiator IP Initiator Host User Attempts

1.0 192.168.11.49 660

Site IP Site Name Category Attempts

1.1 52.3.17.42 us32.zopim.com Chat/Instant Messaging (IM) 391.2 185.48.81.27 mobilecrush.king.com Games 351.3 54.203.255.29 costcouem.compuwareapmaas.com Hacking/Proxy Avoidance Systems 241.4 104.40.75.8 b.config.skype.com Chat/Instant Messaging (IM) 221.5 40.118.214.164 pipe.skype.com Chat/Instant Messaging (IM) 21

2.0 172.17.17.7 247


2.1 216.58.217.209 app.snapchat.com Chat/Instant Messaging (IM) 202.2 54.69.172.44 us42.zopim.com Chat/Instant Messaging (IM) 152.3 52.5.25.66 us24.zopim.com Chat/Instant Messaging (IM) 122.4 52.34.120.137 api.content.ad Pay to Surf Sites 122.5 54.68.134.230 us22.zopim.com Chat/Instant Messaging (IM) 12

3.0 192.168.11.70 233


3.1 40.78.98.202 pipe.skype.com Chat/Instant Messaging (IM) 1763.2 40.122.44.96 prod.registrar.skype.com Chat/Instant Messaging (IM) 273.3 104.40.75.8 b.config.skype.com Chat/Instant Messaging (IM) 143.4 23.101.115.193 a.config.skype.com Chat/Instant Messaging (IM) 93.5 23.216.11.48 vassg142.ocsp.omniroot.com Games 2

4.0 192.168.11.70 35


4.1 40.78.98.202 pipe.skype.com Chat/Instant Messaging (IM) 284.2 40.122.44.96 prod.registrar.skype.com Chat/Instant Messaging (IM) 6

n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

n.orlina

Line

us32.zopim.com

mobilecrush.king.com

costcouem.compuwareapmaas.com

b.config.skype.com

pipe.skype.com

app.snapchat.com

us42.zopim.com

us24.zopim.com

api.content.ad

us22.zopim.com

pipe.skype.com

prod.registrar.skype.com

b.config.skype.com

a.config.skype.com

vassg142.ocsp.omniroot.com

pipe.skype.com

prod.registrar.skype.com

10 Powered By

Initiator IP Initiator Host User Attempts


4.3 104.40.75.8 b.config.skype.com Chat/Instant Messaging (IM) 1

5.0 192.168.11.240 34


5.1 72.14.249.2 www.snapengage.com Chat/Instant Messaging (IM) 195.2 69.25.247.53 vmp.boldchat.com Chat/Instant Messaging (IM) 105.3 173.205.77.17 vassg142.ocsp.omniroot.com Games 25.4 52.6.111.117 us30.zopim.com Chat/Instant Messaging (IM) 25.5 54.241.146.39 api.content.ad Pay to Surf Sites 1

Total: 1,209

• Report generated for timezone: Pacific Standard Time• Report owner: admin@LocalDomain

b.config.skype.com

www.snapengage.com

vmp.boldchat.com

vassg142.ocsp.omniroot.com

us30.zopim.com

api.content.ad

11 Powered By

Intrusions - Top Intrusions Detected: January 11, 201X - January 17, 201X

Intrusions

Intrusion Priority Events

1 NetBIOS Name Request Probe Low 7,1652 SMTP Relay Denied Low 3,1583 Suspicious XML File -l 01 Low 2324 FTP Login Failed 1 Low 1595 HTTP Request URI with SQL Statement (AND) 2 Low 139

Total: 10,853


12 Powered By

Intrusions - Top Initiators: January 11, 201X - January 17, 201X

Initiators

Initiator IP Initiator Host User Events

1 192.168.101.2 6,9102 172.17.17.5 2,9573 172.17.17.5 2014 172.30.100.122 1595 192.168.103.21 110

Total: 10,337


n.orlina

Line

n.orlina

Line

13 Powered By

Gateway Viruses - Top Viruses Blocked: January 11, 201X - January 17, 201X

Gateway Viruses

Virus Action Events

1 Neshta.A_36 (Virus). Blocked 2412 (Cloud Id: 22088276) Agent.FL (Trojan). Blocked 933 CVE--2015-0313.A (Exploit). Blocked 34 Encrypted Zipped File. Blocked 25 C99Shell.F (Trojan). Blocked 2

Total: 341


14 Powered By

Attacks - Top Attempts: January 11, 201X - January 17, 201X

Attacks

Attack Events

1 Possible port scan detected 1,3442 Probable port scan detected 4653 Possible SYN Flood on IF X0 - from machine xx:xx:56:99:62:e0 with SYN rate of 1/sec has ceased 3774 IP spoof dropped 2475 Possible SYN Flood on IF X0 - from machine xx:xx:56:99:62:e0 with SYN rate of 0/sec has ceased 161

Total: 2,594


15 Powered By

Attacks - Top Targets: January 11, 201X - January 17, 201X

Targets

Target IP Target Host Events

1 1 1 2,6272 108.13.229.78 static-108-13-229-78.lsanca.fios.verizon.net 1,3403 172.17.17.7 3864 164.67.62.194 tick.ucla.edu 1635 164.67.62.194 tick.ucla.edu 154

Total: 4,670


n.orlina

Line

n.orlina

Line

16 Powered By

Attacks - Top Initiators: January 11, 201X - January 17, 201X

Initiators

Initiator IP Initiator Host User Events

1 1 1 1 2,6272 216.115.97.236 l1.ycs.vip.lax.yahoo.com 5633 108.13.229.78 static-108-13-229-78.lsanca.fios.

verizon.net317

4 192.168.14.3 2205 216.115.97.236 l1.ycs.vip.lax.yahoo.com 99

Total: 3,826


Date post:	14-Aug-2020
Category:	Documents
Upload:	others
View:	3 times
Download:	0 times

Companychasenetworks.com/airespring/agents/Airespring-SampleGMSReport.… · 5.4 52.6.111.117...

Documents