Chapter 40 Reputation Filter
ZyWALL Series CLI Reference Guide
340
40.3.7 URL Threat Filter Statistics Example
This example shows how to collect and display URL Threat Filter statistics.
40.3.7.1 Security Threat Category Definitions
The following table contains a list of URL Threat Filter (previously Anti-Botnet Filter) categories in firmware
version 4.50 or earlier.
show anti-botnet statistics
summary
Displays the collected URL Threat Filter IP blocking statistics.
show anti-botnet statistics
collect status
Displays whether the collection of URL Threat Filter IP blocking statistics is
turned on or off.
show anti-botnet statistics
recent-activities
Displays a list of connection attempts to or from the URL Threat Filter IP
addresses.
show threat-website
statistics collect
Displays whether the collection of URL Threat Filter blocking statistics is
turned on or off.
show threat-website
statistics list
Displays a list of connection attempts to or from the web pages of the
specified categories.
show threat-website
statistics summary
Displays the collected URL Threat Filter blocking statistics.
Table 185 Commands for URL Threat Filter Statistics (continued)
COMMAND DESCRIPTION
Router(config)# anti-botnet statistics collect
Router(config)# show anti-botnet statistics collect status
Anti-BotNet Statistics Status: yes
duration: since 2018-07-09 17:38:15 to 2018-07-09 18:17:15
Router(config)# show anti-botnet statistics summary
enable: 1
scan: 0
total_threat: 0
high: 0
medium: 0
low: 0
Router(config)#
Table 186 Legacy Category Descriptions
CATEGORY DESCRIPTION
Anonymizers
Sites and proxies that act as an intermediary for surfing to other Web sites in an
anonymous fashion, whether to circumvent web filtering or for other reasons.
Botnets
A botnet is a network consisting of computers that are infected with malware and
remotely controlled. The infected computers will contact and wait for instructions
from a command and control (C&C) server. An attacker can control the botnet
by setting up a C&C server and then sending commands to the infected
computers. Alternatively, a peer-to-peer network approach is used. The infected
computer scans and communicates with the peer devices in the same botnet to
share commands or malware sent by the C&C server. These are botnet sites
including command-and-control (C&C) servers
To Next Page
Loading...
