wbr
Ted
Sunday, February 17, 2008
Zywall USG200
As I mentioned before the Zywall USG 200 is now in beta. It has the size of the Zywall 5/35 and is fanless. I've included some pictures and screenshots below, enjoy. I know the pictures is not great , but I'm not much of a photographer.
wbr
Ted
wbr
Ted
Wednesday, February 6, 2008
One more..
I just want to assure everyone that I did not intend this blog to be "a bug a day" blog. It just so happens that I found some while working with ZyAgent. I'm putting it hear since I have not intention of making any work arounds in ZyAgent. So if it's not working you know why.
Why am I not adding a work around ? Well it would require more changes to my code and I rather keep it the way it is. Besides I expect Zywall RD will fix this since.
This time it's the category for things like signature updates , that is wrong. In the zywall internal log it's "myZyXEL.com" , while in the Syslog string it shows up as cat="Myzyxel Dot Com".
As always the bug has been reported to Zyxel
wbr
Ted
Why am I not adding a work around ? Well it would require more changes to my code and I rather keep it the way it is. Besides I expect Zywall RD will fix this since.
This time it's the category for things like signature updates , that is wrong. In the zywall internal log it's "myZyXEL.com" , while in the Syslog string it shows up as cat="Myzyxel Dot Com".
As always the bug has been reported to Zyxel
wbr
Ted
Monday, February 4, 2008
New bug (USG300)
I finally got around to register my Zywall USG 300 and activate the Anti-virus and IDP. To see that the service was in fact running I visited the Eicar site. I was very disappointed to see that there was no reaction from ZyAgent.
Checking the internal log in the zywall reviled that the event had in fact been handled.
This reminded me of the situation with my last post , where the logging was inconsistent. So I checked the syslog string that was sent from the Zywall.
Once again we see there is a mismatch with the categories. It was tested with both last available beta firmware and the last FCS firmware. Both had the same problem.
The problem has been reported to the beta team, there has been no feedback yet. Due to Chinese new years, I don't think there will be any feedback for at least a week.
I had a chance to look a the new USG 200 today, and it looked very nice. It is fan-less so might be a better option then the USG 300 as a home device. The new 2.1 firmware has some nice improvements to make life more easy. I might post some screen shoots and pictures if I get around to it.
wbr
Ted
Checking the internal log in the zywall reviled that the event had in fact been handled.
# Time Priority Category Message Source Destination Note
1 2008-02-04 00:29:57 warn Anti-Virus HTTP Virus infected - ID:2053,EICAR-Test-File,anti_virus_test_file.htm. xxx.xxx.xxx.xxx:80 xxx.xxx.xxx.xxx:4093 FILE DESTROY
This reminded me of the situation with my last post , where the logging was inconsistent. So I checked the syslog string that was sent from the Zywall.
<140>Feb 4 00:32:18 zywall-usg-300 src="xxx.xxx.xxx.xxx:80" dst="xxx.xxx.xxx.xxx:4123" msg="HTTP Virus infected - ID:2053,EICAR-Test-File,anti_virus_test_file.htm." note="FILE DESTROY" user="unknown" devID="xxxxxxxxxxxxx" cat="Anti Virus"
Once again we see there is a mismatch with the categories. It was tested with both last available beta firmware and the last FCS firmware. Both had the same problem.
The problem has been reported to the beta team, there has been no feedback yet. Due to Chinese new years, I don't think there will be any feedback for at least a week.
I had a chance to look a the new USG 200 today, and it looked very nice. It is fan-less so might be a better option then the USG 300 as a home device. The new 2.1 firmware has some nice improvements to make life more easy. I might post some screen shoots and pictures if I get around to it.
wbr
Ted
Subscribe to:
Posts (Atom)