Hostwatch, Authentication list, Blocked sites list – WatchGuard Technologies FireboxTM System 4.6 User Manual
Page 108
HostWatch
98
198.148.32.0
*
255.255.255.0
U
1500
0
129
eth1:0
127.0.0.0
*
255.0.0.0
U
3584
0
9 lo
default
207.54.9.30
*
UG
1500
0
95
eth0
ARP table
A snapshot of the ARP table on the running Firebox. The ARP table is used to
map IP addresses to hardware addresses:
ARP Table
Address
HWtype
HWaddress
Flags Mask
Iface
207.23.8.32
ether
00:20:AF:B6:FA:29
C
*
eth1
207.23.8.52
ether
00:A0:24:2B:C3:E6
C
*
eth1
207.23.8.21
ether
00:80:AD:19:1F:80
C
*
eth0
201.148.32.54
ether
00:A0:24:4B:95:67
C
*
eth1:0
201.148.32.26
ether
00:A0:24:4B:98:7F
C
*
eth1:0
207.23.8.30
ether
00:A0:24:79:96:42
C
*
eth0
Authentication list
The Authentication List tab displays the host IP addresses and user names of
everyone currently authenticated to the Firebox. If you are using DHCP, the IP
address—to—user name mapping changes whenever machines restart.
Blocked Sites list
The Blocked Sites List tab lists the IP addresses (in slash notation) of any external
sites that are temporarily blocked by port space probes, spoofing attempts, address
space probes, or another event configured to trigger an auto-block.
Next to each blocked site is the amount of time remaining on the temporary auto-
block. You can adjust the auto-blocking value from the Blocked Sites dialog box
available through Policy Manager.
You can selectively remove sites from this blocked list either by selecting the site and
clicking the X toolbar button or by double-clicking a site. If the display is in
continuous refresh mode (that is, if the Continue button on the toolbar is active),
selecting a site on the list or clicking the X button stops the refresh mode. (The X and
Continue buttons are grayed out unless the Blocked Sites list is shown.)
If you opened the Firebox with the monitoring (read-only) passphrase, Firebox
Monitors prompts you to enter the configuration (read-write) passphrase before
removing a site from the list.
HostWatch
HostWatch is a real-time display of active connections occurring on a Firebox. It can
also graphically represent the connections listed in a log file, either playing back a
previous file for review or displaying connections as they are logged into the current
log file. HostWatch provides graphical feedback on network connections between the
trusted and external networks as well as detailed information about users,
connections, and network address translation.