I have few queries:
I am seeing the below when using cliadmin:
Total Packets Received : 114943943
Total Packets Sent : 67602933
Total CRC Errors Rcvd : 0
Total Other Errors Rcvd : 38516
Total CRC Errors Sent : 0
Total Other Errors Sent : 0
IP Address : IP Address
Netmask : net mask
MAC Address : MAC address
Malware Interface Port : NO
Malware Gateway :
Does “Malware Interface Port : NO” means that there is no configuration for malware interface ? If yes then how the analysis is happening?
2) How to have a dedicated DSL connection for that purpose?
3) Also, How to check whether DNS resolver is running on the ATD or not ?
If the malware interface in NO then the malware interface is not configured.
To configure malware dns on management port (eth0) you just need to perform the following command
set malware-intfport mgmt
If you wish to use another interface for malware port (eth1, eth2, eth3) then you need to specify the interface's name, for example you want to use eth1 as malware port, these are the steps
set intfport 1 enable
set intfport 1 auto
set intfport 1 ip A.B.C.D E.F.G.H
set malware-intfport 1 gateway A.B.C.D
set malware-dns A.B.C.D
To check whether DNS resolver is running on the ATD or not ? you need to use nslookup from CLI and the resolution should use malware dns, as highlighted below:
Checking Name resolution for any_domain_name using malware-dns
Hope this helps,
I tried doing the below:
Checking Name resolution for domainname using malware-dns
;; connection timed out; no servers could be reached
Check DNS settings, DNS server either not present or down
nslookup failed, connection timed out or DNS not configured
Am I doing it correctly ? or Do I need to check something else ?