http://wiki.imfirewall.com/index.php?action=history&feed=atom&title=Indicator Indicator - 版本历史 2026-04-17T07:01:22Z 本wiki的该页面的版本历史 MediaWiki 1.25.2 http://wiki.imfirewall.com/index.php?title=Indicator&diff=1824&oldid=prev WFilter:/* 相关链接 */ 2024-01-10T07:24:42Z <p>‎<span dir="auto"><span class="autocomment">相关链接</span></span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;'> <td colspan='2' style="background-color: white; color:black; text-align: center;">←上一版本</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">2024年1月10日 (三) 07:24的版本</td> </tr><tr><td colspan="2" class="diff-lineno" id="L28" >第28行:</td> <td colspan="2" class="diff-lineno">第28行:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* [http://www.imfirewall.com/blog/post/581.html 接到上级部门通告有挖矿木马如何处理?]</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* [http://www.imfirewall.com/blog/post/581.html 接到上级部门通告有挖矿木马如何处理?]</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* [http://www.imfirewall.com/blog/post/577.html 接到上级部门通知局域网内有僵尸木马怎么处置?]</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>* [http://www.imfirewall.com/blog/post/577.html 接到上级部门通知局域网内有僵尸木马怎么处置?]</div></td></tr> <tr><td colspan="2">&#160;</td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">* [https://www.bilibili.com/video/BV18c411t7yx/ 怎样定位查找局域网内中了木马病毒的电脑?检测到失陷主机怎么解决?]</ins></div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:安全防护]]</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:安全防护]]</div></td></tr> <!-- diff cache key wikidb_ros:diff:version:1.11a:oldid:1797:newid:1824 --> </table> WFilter http://wiki.imfirewall.com/index.php?title=Indicator&diff=1797&oldid=prev WFilter:/* IPS检测项配置 */ 2023-08-04T03:26:47Z <p>‎<span dir="auto"><span class="autocomment">IPS检测项配置</span></span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;'> <td colspan='2' style="background-color: white; color:black; text-align: center;">←上一版本</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">2023年8月4日 (五) 03:26的版本</td> </tr><tr><td colspan="2" class="diff-lineno" id="L22" >第22行:</td> <td colspan="2" class="diff-lineno">第22行:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[文件:indicator02.png|900px]]</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[文件:indicator02.png|900px]]</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td colspan="2">&#160;</td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr> <tr><td colspan="2">&#160;</td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">[[文件:indicator03.png|900px]]</ins></div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>= 相关链接 =</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>= 相关链接 =</div></td></tr> <!-- diff cache key wikidb_ros:diff:version:1.11a:oldid:1794:newid:1797 --> </table> WFilter http://wiki.imfirewall.com/index.php?title=Indicator&diff=1794&oldid=prev WFilter:创建页面,内容为“{{DISPLAYTITLE:木马检测}} == 木马检测模块 == “木马检测”模块基于入侵检测,可以检测内网感染了木马病毒的终端,触发告警...” 2023-08-04T03:24:36Z <p>创建页面,内容为“{{DISPLAYTITLE:木马检测}} == 木马检测模块 == “木马检测”模块基于入侵检测,可以检测内网感染了木马病毒的终端,触发告警...”</p> <p><b>新页面</b></p><div>{{DISPLAYTITLE:木马检测}}<br /> == 木马检测模块 ==<br /> <br /> “木马检测”模块基于入侵检测,可以检测内网感染了木马病毒的终端,触发告警并且封锁IP地址。<br /> <br /> == 木马检测配置项 ==<br /> 如下图,木马检测包括如下配置:<br /> <br /> * 检测处理:配置检测到木马病毒时采用的策略。<br /> ** 仅记录日志,只记录相应的攻击日志。<br /> ** 记录日志并封锁IP,记录攻击的日志,并在指定时间段内自动禁止来自该IP的访问。<br /> * 事件告警:是否把攻击事件记录到“事件查看器”模块。<br /> * IPS检测项:配置要启用的检测规则集,以及检测选项。<br /> * 例外的IP地址:对来自例外的IP地址和网段不进行检测,格式支持IP或者IP段,如:192.168.1.20,192.168.1.20/24。<br /> <br /> [[文件:indicator01.png|900px]]<br /> <br /> == IPS检测项配置 ==<br /> <br /> 如下图所示,点击状态图标可以切换是否启用该检测项,点击放大镜图标可以查看该检测项包含的检测条目。<br /> <br /> [[文件:indicator02.png|900px]]<br /> <br /> <br /> = 相关链接 =<br /> * [http://www.imfirewall.com/blog/post/581.html 接到上级部门通告有挖矿木马如何处理?]<br /> * [http://www.imfirewall.com/blog/post/577.html 接到上级部门通知局域网内有僵尸木马怎么处置?]<br /> <br /> [[Category:安全防护]]</div> WFilter