Trend Micro InterScan Web Security Suite Windows Edition Administrator's Guide


Notices

Sending customer information to Trend Micro

URLWeb URL URLWeb Web ID Web URL ID Web Web /TrendCare/ /Web URL

Export restrictions

U.S. Export Administration Regulations
http://www.treas.gov/ofac/
http://www.bis.doc.gov/complianceandenforcement/liststocheck.htm
2008 4

Copyright

TRENDMICRO On-Line-Scan PC-cillin InterScan INTERSCAN VIRUSWALL ISVW InterScanWebManager ISWM InterScan Message Security Suite InterScan Web Security Suite IWSS TRENDMICRO SERVERPROTECT PortalProtect Trend Micro Control Manager Trend Micro MobileSecurity VSAPI Trend Micro Policy Server License for Enterprise Information Security LEISec Trend Park Trend Labs Trend Micro Enterprise Protection Strategy InterScan Gateway Security Appliance Trend Micro Network VirusWall Network VirusWall Enforcer Trend Flex Security EPS Trend Micro EPS LEAKPROOF Trend Expert on Guard InterScan Messaging Security Appliance InterScan Web Security Appliance InterScan Messaging Hosted Security

Copyright 2003-2008 Trend Micro Incorporated. All rights reserved.

P/N: IWSSNT-AE0300 (2008/11)


Readme http://www.trendmicro.co.jp/download/

Q&A Web http://esupport.trendmicro.co.jp


ICAP 1.0

Web Cache Communication Protocol


lpt$vpn.###

\Program Files\Trend Micro\InterScan Web Security Suite\phishB.ini

\Program Files\Trend Micro\InterScan Web Security Suite\ssaptn.###

http://www.trendmicro.co.jp/download/engine.asp#prod_34


Trend Micro InterScan Web Security Suite Console (tomcat5.exe)
Trend Micro InterScan Web Security Suite for FTP (iwssd.exe)
Trend Micro InterScan Web Security Suite for HTTP (iwssd.exe)
Trend Micro IWSS Log Import (logtodb.exe)
Trend Micro IWSS Notification Delivery Service (isdelvd.exe)
Trend Micro SNMP Service (snmpmonitor.exe)
Trend Micro IWSS TMCM Agent Service (En_Main.exe)
Trend Micro IWSS Metric Management Service (metricmanage.exe)

purgefile.exe
schedulereport.exe
scheduledprupdate.exe
scheduledau.exe
cleanfile.exe
DbOldDataCleanup.exe


IWSS Web

http://localhost:1812
http://< >:1812/index.jsp
http://<ip >:1812/index.jsp

admin adminiwss85

< >\quarantine


iscan_web_server

iscan_web_server=1.2.3.4:1812

hosts


EICAR

http://www.trendmicro.co.jp/download/test-virus.asp
http://www.eicar.org/anti_virus_test_file.htm


lpt$vpn.400 lpt$vpn.401


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform

< >\ieagent\register_user_agent_header.exe


intscan.ini

[user-identification]
use_mac_address=no

use_mac_address=yes

register_user_agent_header.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform

IWSS:< >/<MAC >


<installation directory>\quarantine


ActiveX (*.cab) (PE) (*.exe *.ocx)


< >\URLFilteringExceptions.ini

< >\IWSSPIUrlFilter.dsc
filtering_exception_list

URL Filtering Import File
[approved]
*www.trendmicro.com*
*www.antivirus.com*

www.example.com/*wildcard
www.example.com/*wildcard.
www.example.com/%2awildcard


intscan.ini [URL-trusting], normallists

URL Blocking Import File { This title is ignored }
[block]
www.blockedsite.com*
unwanted.com*
urlkeyword
banned.com/file
banned.com/downloads/
[allow]
www.blockedsite.com/file
www.unwanted.com/subsite/
www.trendmicro.com*

< >\URLB.ini
intscan.ini

www.blockedsite.com charity
www.blockedsite.com/charity/
www.blockedsite.com/charity

www.example.com/*wildcard
www.example.com/*wildcard
www.example.com/%2awildcard


Mapping of file types to MIME content types


HttpsConnectACL.ini

FTP over HTTP

intscan.ini max_concurrent_connections


HTTPS

< >\jre\bin
C:\Program Files\Trend Micro\InterScan Web Security Suite

keytool -genkey -keyalg RSA -alias tomcat-server -keystore mykeystore

mykeystore

https://< >:< >
http://<iwss >:1812
https://<iwss >:8443

https://{server-ip}:8443/index.jsp
https://123.123.123.12:8443/index.jsp

http://{server-ip}:1812/index.jsp
http://123.123.123.12:1812/index.jsp

< >\tomcat\conf\server.xml

<Connector port="1812" connectionLinger="60000" maxHttpHeaderSize="8192" maxThreads="75" enableLookups="true" acceptCount="100" connectionTimeout="900000" disableUploadTimeout="true" minSpareThreads="3" maxSpareThreads="8" />

https://<iwss_server_ip>:8443/index.jsp

[http]
iscan_web_server=1812
iscan_web_protocol=http

[http]
iscan_web_server=8443
iscan_web_protocol=https


< >\intscan.ini


HTTP トラフィックでウイルスが検出されました
%Y に IWSS がファイル %F でセキュリティリスク %V を検出しました
%N が %U からファイルをダウンロードしようとしました

07/01/23 8:36 AM に IWSS がファイル eicar.com でセキュリティリスク Eicar_test_file を検出しました
123.123.123.12 が http://www.eicar.org/download/eicar.com からファイルをダウンロードしようとしました


< >\report


HTTP Requests Processed
HTTP Responses Processed
Number of HTTP threads
HTTP CPU Utilization

FTP Get
FTP Put

MSSQL$IWSS

< >\log
virus.log.2007.01.09

tb_url_usage
tb_report_by
tb_violation
tb_performance_value

CSV
intscan.ini csvcharformat

MIME

afc audio/aiff audio/x-aiff


{IWSS root}
\Program Files\Trend Micro\InterScan Web Security Suite\

intscan.ini
{IWSS root}\iwsspiscanvsapi.dsc
{IWSS root}\iwsspiprotocolicap.pni
{IWSS root}\iwsspiprotocolhttpproxy.pni
{IWSS root}\iwsspiurlfilter.dsc
{IWSS root}\report.ini
<installation directory>\urlfcmapping.ini
{IWSS root}\clientacl_http.ini and {IWSS root}\clientacl_ftp.ini
{IWSS root}\httpportpermission_http.ini and {IWSS root}\httpportpermission_ftp.ini
{IWSS root}\httpsconnectacl_http.ini
{IWSS root}\serveripwhitelist_http.ini and {IWSS root}\serveripwhitelist_ftp.ini.ini

intscan.ini main protocol_config_path.dsc intscan.ini scan plugin_dir.dsc

OpenLDAP

/etc/openldap/ldap.conf
/etc/openldap/slapd.conf

ldap.conf

#
# System-wide ldap configuration files. See ldap.conf(5) for
# details
# This file should be world readable but not world writable.

# OpenLDAP supports the ldap.conf file. You could use this file to
# specify a number of defaults for OpenLDAP clients. Normally this
# file can be found under /etc/openldap based on /etc/init.d/ldap
# start script's setting

# Set host IP address or fully qualified domain name
HOST example.peter.com
#HOST 10.2.1.1

# Set the default BASE DN where LDAP search will start off
BASE dc=peter,dc=com

# Set the default URI
URI ldap://example.peter.com

# SASL options
# specify the sasl mechanism to use. This is a user-only option.
# SASL_MECH <mechanism>
# specify the realm. This is a user-only option
# SASL_REALM <realm>
# specify the authentication identity.
# SASL_AUTHCID <authcid>

slapd.conf

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
# Enforce all changes to follow the defined schemas loaded via
# include statements in the conf file

# NOTE 1
# All the OpenLDAP config files and backend databases are accessed
# and created by "ldap", so if you touch these config files by
# "root", "a Permission Denied" error will occur. Please modify
# ownership accordingly.

# NOTE 2
# krb5-kdc.schema fails to work with current OpenLDAP 2.2.x distro
# krb5validstart, krb5validend, krb5passwordend need to have
# "EQUALITY generalizedtimematch" inserted before the ORDERING
# statement.
# www.openldap.org/lists/openldap-bugs/200309/msg00029.html

# Enforce all changes to follow the defined schemas loaded via
# include statements in the conf file
schemacheck on

# Included schemas
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/krb5-kdc.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/java.schema

# Do not enable referrals since IWSS 2.5 has its own implementation
# referral ldap://root.openldap.org

# Directives say where to write out slapd's PID and arguments
# started with
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args

# Load dynamic backend modules:
# modulepath /usr/local/libexec/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la

# Sample security restrictions
#   Require integrity protection (prevent hijacking)
#   Require 112-bit (3DES or better) encryption for updates
#   Require 64-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#   Root DSE: allow anyone to read it
#   Subschema (sub)entry DSE: allow anyone to read it
#   Other DSEs:
#     Allow self write access
#     Allow authenticated users read access
#     Allow anonymous users to authenticate
#   Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=subschema" by * read
# access to *
#   by self write
#   by users read
#   by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
access to dn.base="" by * read
access to dn.base="cn=subschema" by * read
access to *
    by self write
    by users read
    by anonymous auth
    by * none

# We have found this gives a useful amount of information about
# directory
loglevel 256

# Specify the number of threads used in slapd, default = 16
# Increasing or decreasing the number of threads used can
# drastically affect performance, we found 20 threads to be optimal
# for our setup, but it can be different under other operating
# systems
threads 20

# Tell slapd to close connections that have been idle for 30 seconds
# or more
idletimeout 30

# Enable LDAPv2 support. This option is disabled by default.
allow bind_v2

# Disable anonymous bind
disallow bind_anon

# Comment this section to enable simple bind
#disallow bind_simple

# NOTE 3
# SASL Configuration
# Caution: make sure you use the canonical name of the machine
# in sasl-host. Otherwise, OpenLDAP won't be able to offer GSSAPI
# authentication

# Set the SASL realm and canonical name of the host
sasl-host example.peter.com
sasl-realm peter.com

# Allow proxy authentication if it's configured
sasl-authz-policy both

# NOTE 4
# Mapping of SASL authentication identities to LDAP entries
# The sasl-regexp line are particularly critical. They are what
# rewrite incoming connections who have SASL formatted DNs to the
# DNs that are in the directory DB. It's important to remember that
# they are processed in order, so you want to write them from most
# specific to most general

# NOTE 5
# We set the cn=.* since we are going to adopt different security
# mechanisms. If Kerberos v5 is the only one used, change wildcard
# to cn=gssapi,cn=auth
#sasl-regexp uid=(.*),cn=gssapi,cn=auth
#    uid=$1,ou=people,dc=peter,dc=com
sasl-regexp uid=(.*),cn=.*,cn=auth
    uid=$1,ou=people,dc=peter,dc=com

# ldbm database definitions

# NOTE 6
# Correctly configuring the backend Berkeley DB is very critical
# follow the guideline at
# http://www.openldap.org/faq/data/cache/1073.html

# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
database bdb

# These options specify a DN and passwd that can be used to
# authenticate as the super-user entry of the database. The DN and
# password specified here will always work, regardless of whether
# the entry named actually exists or has the password given.
# This solves the chicken-and-egg problem of how to authenticate and
# add entries before any entries yet exist
suffix "dc=peter,dc=com"
rootdn "cn=admin,dc=peter,dc=com"
rootpw admin

# NOTE 7
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700
# recommended.
directory /usr/local/var/openldap-data

# Tell the slapd to store the 10000 most accessed entries in memory
# Having a properly configured cache size can drastically affect
# performance
cachesize 10000

# Indices to maintain
# Some versions of OpenLDAP don't support the index of uniquemember
# "pres" indexing allows you to see a filter that asks if the
# attribute is present in an entry
# "eq" indexing allows to ask if an attribute has an exact value
# "approx" indexing allows to ask if an attribute value sounds like
# something
# This option is tied to --enable-phonetic compile option in
# OpenLDAP
# "sub" indexing allows to do substring search on an attribute's
# values
index default eq,pres
index objectclass eq,pres
index cn,sn,givenname,mail eq,pres,approx,sub
index uid eq,pres
index uidnumber,gidnumber,memberuid eq,pres

/usr/sbin/slapadd [-v] [-c] [-d level] [-b suffix] [-n dbnum] [-f slapd.conf] [-l ldif-file]

/usr/sbin/slapcat [-v] [-c] [-d level] [-b suffix] [-n dbnum] [-f slapd.conf] [-l ldif-file]

/usr/sbin/slapcat [-v] [-c] [-d level] [-b suffix] [-n dbnum] [-f slapd.conf]

/usr/sbin/slaptest [-v] [-d level] [-f slapd.conf]

ldapsearch [-D binddn] [-W] [-w bindpasswd] [-H ldapuri] [-h ldaphost] [-p ldapport] [-b searchbase] [-s base|one|sub] [-x] [-Y mech] [-Z[Z]] filter [attrs...]

ldapsearch -x -D "cn=admin,dc=peter,dc=com" -w admin -b "dc=peter,dc=com" -s sub "uid=petery" mail

To verify SASL/OpenLDAP/Kerberos v5 authentication

1. KRB5_CONFIG="/etc/heimdal/krb5.conf" ./ldapsearch -v -x \
   -D "cn=admin,dc=peter,dc=com" -W -b "" -s base -LLL \
   -H ldap://example.peter.com/ supportedsaslmechanisms

2. KRB5_CONFIG="/etc/heimdal/krb5.conf" ./ldapsearch -b "dc=peter,dc=com" \
   -H ldap://example.peter.com/

3. KRB5_CONFIG="/etc/heimdal/krb5.conf" ./ldapwhoami -H ldap://example.peter.com

/usr/local/sbin

slapcat -l [output_file_name]

LDIF

dn: uid=petery,ou=people,dc=client,dc=us,dc=trendnet,dc=org
givenname: Peter
telephonenumber: +1 408 555 5555
sn: Peter
ou: All of IWSS Developer Team
ou: People    #Corporate User field
mail: petery@peter.com
objectclass: top
objectclass: person
objectclass: organizationalperson
objectclass: inetorgperson
uid: petery
cn: Peter Yen

dn: cn=all of IWSS Developer Team,ou=Engineering,ou=Groups,dc=client,dc=us,dc=trendnet,dc=org
ou: Groups    #Corporate Group field
ou: Engineering
description: All of IWSS Developer Team
objectclass: top
objectclass: groupofuniquenames
uniquemember: uid=petery,ou=people,dc=client,dc=us,dc=trendnet,dc=org
cn: All of IWSS Developer Team


dn: uid=petery,ou=people,dc=client,dc=us,dc=trendnet,dc=org
givenname: Peter
telephonenumber: +1 408 555 5555
sn: Peter
ou: All of IWSS Developer Team
ou: Employee    #Corporate User field
mail: petery@peter.com
objectclass: top
objectclass: person
objectclass: organizationalperson
objectclass: inetorgperson
uid: petery
cn: Peter Yen

dn: cn=all of IWSS Developer Team,ou=Engineering,ou=Groups,dc=client,dc=us,dc=trendnet,dc=org
ou: Teams    #Corporate Group field
ou: Engineering
description: All of IWSS Developer Team
objectclass: top
objectclass: groupofuniquenames
teammember: Peter Yen
cn: All of IWSS Developer Team
