5 Ways to Re-enable Registry Editor When Disabled By Virus

 Tanmay Windows 14 Comments

We have already discussed how to re-enable task manager and other problems that can be solved by using the Windows Registry Editor. Now, users may experience a serious dilemma if the Registry Editor itself is disabled. This can be due to a Trojan, virus, spyware or a Malware infection to your system. Whenever this occurs, an attempt to start the editor results in the appearance of a  message declaring that “Registry editing has been disabled by the Administrator”.

This creates a setback to the solutions of various other problems using the Registry Editor. However, how much complicated this problem may seem, it’s certainly not incurable. In fact, we, in this article will discuss how simple it is to re-enable your Registry Editor. The fixes that we show here, work in Windows XP, Windows Vista and also in Windows 7.

Fix 1 : From the Run command

Click on the “Start” button and then select “Run”, or simply press “Windows Key+R”. The Run application starts and in the box copy and paste the following line :

REG add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem
 /v DisableRegistryTools /t REG_DWORD /d 0 /f

Click OK and then reboot your computer. On restart, the Windows Registry Editor is re-enabled.

Fix 2 : By removing the regedit.com file

Another simple solution to re-enable your Registry Editor is to rename the “regedit.com”to “regedit.exe”. Sometimes, some viruses or malware loads a “regedit.com” file in the system. This “.com” file is usually a zero byte dummy file which either replaces the actual“regedit.exe” file or is added as a new file.  Now, when you type “regedit” in the “Run”box, this “.com” file is executed rather than the actual “.exe” file, since “.com” files get a greater preference than “.exe” files in the process of execution of a program.

1. Open the drive where the Windows operating system is installed.
2. Then open the folder named “WINDOWS” in that drive.
3. Notice if the file “regedit” is a “.com” zero byte dummy file or not.
4. If it is so, then delete it permanently.

In case of invasion of a worm named “W32.Navidad”, the “regedit.exe” gets renamed to“regedit.com”. In such a case you just have to rename the “.com” file by “regedit.exe”. You will now be able to access the Registry Editor normally.

Fix 3 : By editing the Group Policy

At first go to Start > Run or simply press “Windows key+R”. Type “gpedit.msc” in the Run box and click OK.

The Group Policy Editor opens up. Navigate to User Configuration > Administrative Templates>System. Now, on the right hand part of the Group Policy Editor, in the“Setting” column, double click on “Prevent Acess to Registry Editing Tools”.

The Properties box appears and here, change the property to “Not Configured”. If it is already so, select “Enable” and apply it. Then repeat the Fix 3 process to change the setting to “Not Configured”. This removes the Disable Registry Tools value successfully. Click on Apply, then OK and exit the Group Policy Editor.

Reboot your system. On resuming from the restart, the Registry Editor is enabled once again.

Fix 4 : By VB script

A different way to solve this problem is by using a Visual Basic script. Depending upon its position in the registry, the script enables or disables the Registry Editor. Doug Knox, a Microsoft Professional, created such a VB script “reg_enable.vbs”. Download this VB Script. Save this on the Desktop in your system. Make sure to save this file with the extension “.vbs”.

Now follow the steps below :

1. Double click on the downloaded file to run it.
2. If you are prompted for an Administrative Password, enter it and press ENTER.
3. After this is done, restart your computer.

Your Registry Editor is re-enabled on completing reboot.

Instead of double clicking on the file, you may also open a Command Prompt window by clicking Start > All Programs > Accessories > Command Prompt.

1. Now, type cd /d %userprofile%desktop . [Replace %userprofile% by the Windows profile name of the user].
2. Then type wscript.exe  reg_enable.vbs and press ENTER.
3. Type EXIT and press ENTER to close the Command Prompt window.

The Disable Registry Tools policy gets removed and your can access Registry Editor normally.

Fix 5 : By installing the UnHookExec.inf

Sometimes invasions by trojans, worms etc. edits the shell > open > command registry entries. Each execution process of an “.exe” file, executes the virus. In such a case,

1. Visit the Symantec website and download the “UnHookExec.inf” file.
2. Save this file on your desktop making sure that the file extension is “.inf”.
3. Right click on this file and choose to install.
4. With the process completed, restart your system.

Resuming Windows after reboot, restores the command registry entries and the Registry Editor is re-enabled.

Any of the above 5 fixes can be used to re-enable the Registry Editor. These fixes work in all versions of Windows.

Windows vpn

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router 
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive 
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude 
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.

Understand how to handle big data and improve organizational agility to support demands of a dynamic enterprise. Read our eBook today.

Set Up Your Own VPN, Without the Expensive Software

By Eric Geier

If you want secure access to your network when away from the office, you can setup a Virtual Private Network (VPN ). You can connect via the Internet and securely access your shared files and resources. You don't have to buy an expensive VPN server if don't have a lot of users. Windows actually provides VPN server and client functionality.

In this tutorial, we'll set up the Windows 7 or Vista VPN server and connect with Windows XP, Vista, or 7. Now let's get started!

Avoiding IP conflicts

Since VPN connections link networks together, you must be careful with the subnet and IP addressing so there aren't any conflicts. On the network hosting the VPN server, you should use an uncommon default IP for the router, such as 192.168.50.1. If you have multiple offices, assign each to a different uncommon IP/subnet, such as 192.168.51.1, 192.168.52.1, and so on.

Figure 1

Create an incoming VPN connection in Windows

To configure the Windows VPN server, you do what is described by Microsoft as "creating an incoming connection." This will be the server or host of the VPN. Among other things, you'll specify the users you want to be able to connect. Follow these steps to create an incoming connection:

Right-click the network icon in the system tray and selectOpen Network and Sharing Center.Click on Manage network connections (Windows Vista) or Change adapter settings (Windows 7).Press the Alt key to show the File Menu and click File >New Incoming connection… .Select who you'd like to give VPN access to and/or create custom accounts by clicking on Add someone. See Figure 2 for an example. When you're done, click onNext.Select Through the Internet, as Figure 3 shows, and clickNext.Such as shown in Figure 4, select the protocols you want to enable for this connection. You'll likely want to selectInternet Protocol Version 4 (TCP/IPv4), so remote users receive an IP address and can access the Internet and/or network. Plus if you want the remote user(s) to access file and/or printer shares, select File and Printer Sharing for Microsoft Networks. When you're done, click Allow access.On the next window, click Close.

Now you need to access the properties of the newly created incoming network connection and define the IP address range for VPN clients:

On the Network Connections window, double-clickIncoming Connections.Select the Networking tab and double-click Internet Protocol Version 4 (TCP/IPv4).Select Specify IP addresses and then enter a starting and ending address that's within range of your local subnet but not conflicting with the DHCP range. For example, if your router's IP is 192.168.50.1, you might enter 192.168.50.50 to 192.168.50.59 as shown in Figure 5, which would support 10 clients. If you want clients to be able to assign themselves an IP, select that option.Click OK on both dialog boxes to save the changes.

Configure any third-party firewalls

Windows will automatically allow the VPN connections through Windows Firewall when you configure the incoming connection on the host PC. However, if you have a third-party firewall installed on the host PC, you need to make sure the VPN traffic is allowed. You may have to manually enter the port numbers 47 and 1723.

Configure your IP address, dynamic DNS, and router

To enable VPN connections to the host PC from the Internet, you must configure your router to forward them to the Windows PC that's accepting the incoming connections. You specify the host PC by entering its local IP address. Therefore, before you setup the port forward, you should ensure the IP address won't change.

Start by logging into to the Web-based control panel of the router. Then go to the Network or DHCP settings and see if you can reserve the IP address for the PC so it always gets the same one. This may be called DHCP reservation or Static DHCP. Some routers don't have this feature. In this case, you'll need to manually assign the PC a static IP in the TCP/IP settings of the network connection in Windows.

Once you have figured out the IP address, find the virtual server or port forwarding settings in the router's web-based control panel. Then create an entry forwarding port 1723 to the local IP address of the PC, such as Figure 6 shows. Don't forget to save the changes!

 
Figure 6.

If your Internet connection uses a dynamic IP address, rather than a static one, you should signup and configure a dynamic DNS service. This is because when you configure the remote clients, you have to input the Internet IP address of where the host PC is located. This will be a problem if the IP changes. However, you can sign up for a free service, such as from No-IP, and input your account details into the router so it will update the hostname with your IP. Then you'll have a hostname (such as yourname.no-ip.org) to input into remote clients, which will always point to the current Internet IP address of your host PC.

Now everything on the server side should be configured and ready to go. Next you need to setup the clients.

Create outgoing VPN connections in Windows

Now that you have the server setup, you need to configure the computers which you want to connect from, called the VPN clients. Here's how to in Windows Vista and 7:

Right-click the network icon in the system tray and selectOpen Network and Sharing Center.Click Set up a connection or network (Windows Vista) orSet up a new connection or network (Windows 7, as shown in Figure 7).On the wizard, select Connect to a workplace, and clickNext.Select Use my internet connection (VPN).Type the Internet IP address or hostname into theInternet address and enter something for the Destination name. See Figure 8 for an example. You'll probably want to keep the other options disabled. Click Next to continue.Enter a User name and password that was selected when you created the incoming VPN connection, and click Next to try to connect. It will attempt to connect using the following protocols: SSTP, PPTP, and then L2TP.Once connected, click Close.

Windows may by default assign the connection as a Public Network, limiting sharing functionality. Therefore you probably want to change this. If you aren't prompted to do so, open the Network and Sharing Center and clickCustomize (Windows Vista) or the Public network link under the connection name (Windows 7). Then on the popup window, select Work Network.

Here's how to create and outgoing VPN connection in Windows XP:

Open the Network Connections window and click Create a new connection.Select Connect to the network at my workplace, and click Next.Select Virtual Private Network connection, and clickNext.Enter a name for the connection, and click Next.Select Do not dial the initial connection, and click Next.Type the Internet IP address or hostname, and click Next.Click Finish.

Limiting VPN traffic

By default, all the Internet traffic on the VPN client will pass through the VPN rather than the local Internet they are connected to. This is great if they are using a public connection, like a port in a hotel or Wi-Fi hotspot, since it keeps their browsing private. However, if they are on a trusted network, like at their home or remote office, this just might be wasting bandwidth. To limit the traffic that passes through the VPN connection:

On the Network Connections window, right-click the VPN connection and select Properties.Select the Network tab and double-click Internet Protocol (TCP/IP).Click the Advanced button and uncheck Use default gateway on remote network (see Figure 9).Click OK on the dialog boxes to save changes.

Now the VPN client will use the local Internet connection when browsing websites. It will only use the VPN connection when a server or IP address isn't reachable via the Internet, such as when accessing shares on the VPN host network.

Connecting to the VPN

In Windows XP, you can connect and disconnect by opening the Network Connections window and right-clicking the VPN connection. In Windows Vista, you can click the network icon in the system tray, click Connect to, and then select the connection. In Windows 7, click the network icon in the system tray and select the VPN connection.

After you connect, you should be able to access the shared resources on the VPN host network. Keep in mind; you may have to manually access shares (e.g. ip_address_of_computer or file://computer_name/) rather than browsing in My Network Places or Network.

Cyberoam details

1. Cyberoam iView 1.1. Cyberoam iView Presentation 1.2. Visio Stencils 1.3. FAQ 1.3.1. Cyberoam iView - Introduction 1.3.1.1. What is Cyberoam iView ? Applicable to : On Cyberoam Appliance, Open Source Software, Appliance Cyberoam iView is a logging and reporting solution that provides organizations with visibility into their networks for high levels of security, data confidentiality while meeting the requirements of regulatory compliance. With Cyberoam iView, organizations receive logs and reports related to network activities, intrusions, attacks, spam and blocked attempts, both internal and external, enabling them to take rapid action throughout their network. Cyberoam iView comes in three flavors. ·        On-Appliance Cyberoam iView – An integral part of Cyberoam security appliances. ·        Open Source Cyberoam iView – A Software which can be installed on Windows and Linux. ·        Cyberoam iView Appliance – A dedicated appliance for logging and reporting. Given below is the matrix showing flavor-wise feature availability.     Feature On-Appliance Cyberoam iView Open Source Cyberoam iView Cyberoam iView Appliance Reporting for multiple Cyberoam security appliances No Yes Yes Reporting for other Networking solutions No Yes. Offers reports for following Networking Solutions: UTM: ·        SonicWALL ·        FortiGate ·        Cisco ASA Proxy: ·        Squid Linux Firewall: ·        Netfilter Web Server: ·        Apache Smart Wireless Router: ·        NetGenie Billing and Bandwidth Management Solution: ·        24Online Endpoint Security: ·        eScan Yes. Offers reports for following Networking Solutions: UTM: ·        SonicWALL ·        FortiGate ·        Cisco ASA Proxy: ·        Squid Linux Firewall: ·        Netfilter Web Server: ·        Apache Smart Wireless Router: ·        NetGenie Billing and Bandwidth Management Solution: ·        24Online Endpoint Security: ·        eScan Reporting across multiple devices and multiple locations No Yes Yes Report Bookmarks and Bookmark Groups Yes Yes Yes Report Custom View Yes Yes Yes Trend Reports Yes Yes Yes Integration with ConnectWise Yes No No Applications and Application Groups No Yes Yes User Management No Yes Yes Email Notification Yes Yes Yes Export Reports PDF, MS-Excel and HTML Export PDF and MS-Excel Export PDF and MS-Excel Export Data Management Yes Yes Yes Manual Purge Yes No No Disk Usage Limit Setting No Yes Yes Chart Preferences Yes No No Custom Logo Yes No No Backup and Restore No Yes Yes Audit Logs No Yes Yes Logs Archives No Yes Yes Compliance Reports Yes Yes Yes                                                                                                                                                               Document Version: 1.0 – 11 February, 2014     1.3.2. Open Source Cyberoam iView - Download and Installation 1.3.2.1. From where do I download Open Source iView? Applicable to : Open Source Software Cyberoam iView is an Open Source software. It can be downloaded only from www.cyberoam-iview.com.                                                                                                                                                Document Version: 1.0 – 11 February, 2014 1.3.2.2. What is the hardware requirement to install Cyberoam iView? Applicable to : Open Source Software Given below is the table of hardware specification to install Cyberoam iView: Component Recommendation Processor Pentium IV with 2GHz RAM 2GB (Minimum) Hard Disk Drive SATA or SCSI hard disk with minimum 30GB disk space                                                                  Document Version: 1.0 – 11 February, 2014   1.3.2.3. Can I install Cyberoam iView on Linux? Applicable to : Open Source Software Yes, Cyberoam iView has two installers one for Windows and one for Linux. Given below is the list of versions supported: Windows: Windows 2000 Windows XP Windows 2003 Windows Vista Windows 7 Linux: Fedora 10+ Opensuse 11 Debian 5.3  PCLinux 2009 Ubuntu 12                                                                                                 Document Version: 1.0 – 11 February, 2014 1.3.2.4. How do I install Cyberoam iView on Linux? Applicable to : Open Source Software Please refer to Cyberoam iView Linux Installation Guide                                                                                                                                                                                     Document Version: 1.0 – 11 February, 2014 1.3.2.5. What is the procedure to install Cyberoam iView on Windows? Applicable to : Open Source Software Please refer to Cyberoam iView Windows Installation Guide                                                                                                                                 Document Version: 1.0 – 11 February, 2014 1.3.2.6. How does Cyberoam iView collect logs from various devices? Applicable to : Open Source Software, Appliance Cyberoam collects logs from multiple appliances placed at various geographical locations using Syslog.                                                                                                                            Document Version: 1.0 – 11 February, 2014 1.3.3. Cyberoam iView Appliance Upgrade Applicable to : Appliance This article explains step by step procedure to upgrade Cyberoam iView appliance. Step 1: Logon to Cyberoam iView using root user credentials through console.   Step 2: Change the PWD to var.   Step 3: Download upgrade patch from below URL using following command: [root@iview var]# wget http://sourceforge.net/projects/cyberoam-iview/files/iView-Patches/     Step 4: Use ‘ls’ command to verify the downloaded patch.     Step 5: Use following command to start upgrade process: [root@iview var]# chmod 755 iView-linux-0.126.bin [root@iview var]# ./iView-linux-0.126.bin       Step 6: Use following command to verify the current version running on Cyberoam iView: [root@iview var]# psql -d iviewdb -U postgres -c "select * from tbliviewconfig;"                                                                                                                                                                                               Document Version: 1.0 – 12 September, 2014 1.3.4. Accessing Cyberoam iView 1.3.4.1. What is the concept of role- based administration in Cyberoam iView? Applicable to : Open Source Software, Appliance Cyberoam iView supports three types of user roles with different privileges ·         Super Admin – Default account with username admin. No additional account can be created. ·         Admin – Only administrator with the Super Admin role can add and update Admin roles ·         Viewer – Administrator with Super Admin and Admin roles can add and Viewer roles Given below is the previlege matrix associated with Cyberoam iView users:   Super Admin For all the devices Admin Only for assigned devices Viewer Only for assigned device Add Update Delete View Add Update Delete View Add Update Delete View Mail Server Configuration Y Y Y Y N N N N N N N N User Management Y Y Y Y Y Y Y Y N N N N Device Management Y Y Y Y N N N N N N N N Device Group Management Y Y Y Y N N N N N N N N Application category Y Y Y Y Y Y Y Y N N N N Custom View Y Y Y Y Y Y Y Y N N N N Report Notification Settings Y Y Y Y Y Y Y Y N N N N Data Management Y Y Y Y N N N N N N N N Bookmark Management Y Y Y Y Y Y Y Y Y Y N Y Logs - Y - Y - N - N - N - N Syslog Server Port - Y - Y - N - N - N - N Backup and Restore Index - Y - Y - N - N - N - N Disk Usage Limit - Y - Y - N - N - N - N Audit Logs - - - Y - - - Y - - - N Super Admin For all the devices Admin Only for assigned devices Viewer Only for assigned device Load and Search Archive Y Y N Unload, Backup and Restore Archive Files Y Y N View Live Logs Y Y N View and Search Reports Y Y Y DashboardsMain, Device, User, Host, Email Address, iView) Y Y Y                                                                                                                                                                                                                     Document Version: 1.0 – 11 February, 2014               1.3.4.2. How can I access Cyberoam iView after successful installation? Applicable to : Open Source Software You need to browse to http://<IP address of the machine on which Cyberoam iView is installed i.e. local machine>:8000 then log on using default username ‘admin’ and password specified at the time of installation.                                                                                                                                       Document Version: 1.0 – 11 February, 2014 1.3.4.3. Which browsers are supported by Cyberoam iView? Applicable to : On Cyberoam Appliance, Open Source Software, Appliance Cyberoam iView can be accessed through following browsers: ·        Microsoft Internet Explorer 8+ ·        Mozilla Firefox 3.0 ·        Google Chrome ·        Safari 5.1.2(7534.52.7)+ ·        Opera 15.0.1147.141+ We recommend Mozilla Firefox 3.0 with resolution 1024 X 768 or more for the best view.                                                                                                                                                Document Version: 1.0 – 11 February, 2014 1.3.5. Open Source Cyberoam iView - Device and Device Group 1.3.5.1. How can I integrate a device with Cyberoam iView to generate reports ? Applicable to : Open Source Software, Hardware Appliance There are two ways to integrate a device with Cyberoam iView: 1. Auto-discover Device Cyberoam iView uses UDP protocol to discover the network device automatically. In order to send logs to Cyberoam iView, network device has to configure Cyberoam iView as a Syslog server. On successful login, Super Admin will be prompted with a popup "New Device(s) Found" if a new device is discovered; else, the Main Dashboard is displayed. This prompt will be displayed every time Super Admin logs in until she takes action on the newly discovered device. 2. Add Device (manually) Go to System > Configuration > Device and click Add button to add a new device in Cyberoam iView. Specify Device ID, Device Name, IP Address, Device Type and set status of device as ‘Active’ to start receiving logs from the added device.                                                                                                                                                      Document Version: 1.0 – 11 February, 2014 1.3.5.2. How to start receiving logs from added device? Applicable to : Open Source Software, Appliance To start receiving logs from the added device you need to change the status of the device to ‘Active’. 1.       Go to System > Configuration > Device. 2.       Select ‘Active’ under status column to activate the device. Cyberoam iView will start receiving logs from the added device within 5 minutes.                                                                                                                              Document Version: 1.0 – 11 February, 2014       1.3.5.3. What is the meaning of device status ‘Active’ and ‘Deactive’? Applicable to : Open Source Software, Appliance There are two possible device status in Cyberoam iView: ·         Active: Cyberoam iView is accepting logs sent by the device. ·         Deactive: Cyberoam iView is rejecting logs sent by the device.                                                                                                                                                                               Document Version: 1.0 – 11 February, 2014 1.3.5.4. Can I check whether the logs are coming from a device or not? Applicable to : Open Source Software, Appliance Yes, Cyberoam iView provides option of Live Archive Logs, which provides real view of incoming logs. To view whether the device is sending logs or not go to System > Archive > Live Logs and select device to view real time incoming logs.                                                                                                                                                                                                                                                                                                                                                                                                                                Document Version: 1.0 – 11 February, 2014 1.3.5.5. Can I group various devices to get consolidated reports? Applicable to : Open Source Software, Appliance  Yes, you can create group of devices based on device type, device model and geographical location, Cyberoam iView provides consolidated reports for the created device groups.                                                                                                                                                                                                                                                                                             Document Version: 1.0 – 11 February, 2014 1.3.5.6. Does Cyberoam iView keep logs of deleted device? Applicable to : On Cyberoam Appliance, Open Source Software, Appliance Cyberoam iView keeps logs of all devices to meet compliance requirement. One can configure retention period of logs from data management section                                                                                                                                                                                                                        Document Version: 1.0 – 11 February, 2014. 1.3.6. Open Source Cyberoam iView - Applications and Application Groups 1.3.6.1. What does an application mean in Cyberoam iView? Applicable to :  Open Source Software, Appliance Application is a unique combination of protocol and port number through which the protocol is identified. E.g., Web-Proxy application is identified through protocol TCP and port number 8080. If application is not defined in Cyberoam iView then instead of application name, protocol and port number will be displayed in Reports.                                                                                                                                                Document Version: 1.0 – 12 February, 2014 1.3.6.2. Can I add single application in multiple application groups? Applicable to : Open Source Software, Appliance   An application cannot be the member of multiple application groups. To change the group membership, first remove an application from the current group and then add in the other application group.                                                                                                                                           Document Version: 1.0 – 12 February, 2014 1.3.7. Reports 1.3.7.1. What is the meaning of ‘N/A’ displayed in Cyberoam iView Reports  Applicable to : On Cyberoam Appliance, Open Source Software, ApplianceGiven below are the probable reasons of ‘N/A’ displayed in Cyberoam iView reports: 1.    Monitored device does not send log data for particular report field. 2.    Monitored device does not have particular report field defined in it.  While ‘N/A’ in Username user based reports indicates that either the traffic is generated by a clientless user or the firewall rule is not applied on the user.                                                                                                                                               Document Version: 1.0 – 19 February, 2014 1.3.7.2. Why do we see multiple Reports for IP Address 0.0.0.0? Applicable Format: Open Source Software, Appliance DHCP Clients send DHCP Request packets that are marked with Source IP as 0.0.0.0. If DHCP Server is not configured in monitored device, it does not reply to DHCP requests, and hence drops these packets. This drop event is recorded as under Top Denied Hosts in Reports > Blocked Applications > Top Denied Hosts. Top Denied Hosts Report                                                                                                                                                      Document Version: 1.0 – 31 January, 2014 1.3.7.3. How to view Firewall Rule based reports in iView? Applicable Format – Software and Hardware You can view Firewall Rule based reports by following the steps given below.   1.     Login to iView using Administrator credentials.   2.     Go to Reports à Source Host Based Usage à Top Rules. The Firewall Rules with maximum number of hits are displayed.         3.     Click the desired rule to view its detailed report of Firewall Rule. For example, we have clicked Rule ID 710.                                                                                                                                                                                   Document Version: 1.0 – 13/04/2012 1.3.7.4. What does Main Dashboard show? Applicable Format - Software and Hardware When you login to Cyberoam iView, it provides you with Main dashboard. The page displays consolidated allow and deny traffic statistics for all the monitored devices in graphical as well tabular form where number of displayed devices can vary as per your user type. 1.3.7.5. I want to know about the traffic generated by a specific source host, how can I get this information? Applicable Format - Software and Hardware You can get the required information from Source Host dashboard. To access Source Host dashboard logon to Web Admin console and go to Dashboards®Custom Dashboard. Select criterion as Source host and enter the IP address of the host to get complete information of the host. 1.3.7.6. How can I get information regarding resource utilization by Cyberoam iView? Applicable Format - Software   Cyberoam iView Dashboard is the answer of your question.   Logon to Cyberoam iView and go to Dashboard®iView Dashboard. It will show you all the important resource utilization parameters like memory usage, disk usage and CPU usage of Cyberoam iView. 1.3.7.7. How can I get visibility of a particular user's Internet behavior? Applicable to : Open Source Software, Appliance   You can view all Internet activities of a particular user from single page of User Dashboard.  It gives in-depth visibility of user Internet behavior which includes Application, Web  and FTP Usage along with Blocked Web and Applications attempts. Logon to Web admin console and go to Dashboard > Custom Dashboard. Select criterion as username and enter the username to get complete information of the user.                                                                                                                                              Document Version: 1.0 – 05 March, 2014 1.3.7.8. Can I have a comprehensive view of user’s email activities? Applicable Format - Software and Hardware Yes, you can have detail information of user’s email activities with the help of Email Address dashboard. Logon to Web Admin console and go to Dashboards®Custom Dashboard. Select criterion as email address and enter the email address of the user to get complete information. 1.3.7.9. What is custom view of report? Applicable Format - Software and Hardware Custom view of reports is a group of the most pertinent reports that requires the special attention for managing the devices. Reports from different report groups can also be grouped in a single view. To create a custom view logon to Web admin console and go to System ® Configuration ® Custom View 1.3.7.10. How can I schedule reports in Cyberoam iView? Applicable Format - Software and Hardware Given below are the steps to schedule reports in Cyberoam iView:  Configure Mail Server ·    Logon to Web admin console and go to System ® Configuration ® Mail Server. ·    Specify mail server IP address and port number. ·    Specify 'from' email address. ·    Specify username and password in case of SMTP authentication and click Save button.  Add Report Notification ·    Logon to Web admin console and go to System ® Configuration ® Report Notification. ·    Click Add button to add report notification. ·    Specify name of the report notification. ·    Specify ‘To email address’ ·    Select report to be sent from the report group ·    Select device(s) from the list of devices. ·    Set email frequency and click Add button Selected reports will be sent in PDF format. 1.3.8. Open Source Cyberoam iView - Audit Logs 1.3.8.1. What are the categories for which audit logs can be viewed? Applicable Format - Software and Hardware Given below is the list of different audit log categories with corresponding events:   Category Event Logs for Mail SMTP server configuration update         Add Report Notification Update Report Notification Delete Report Notification Sent report notification User User Login                    User Log out Add User Update User Delete User Device Add Device       Update Device Delete Device Add Device Group Update Device Group Delete Device Group Application Add Application Identifier          Delete Application Identifier Add Application Update Application Delete Application Add Application Group Update Application Group Delete Application Group Reset to Default Views Unauthorized access to web pages Data Archived Logs   Detail Table Summary Table Report Add Custom View         Update Custom View Delete Custom View 1.3.8.2. What is the meaning of different severity levels displayed in audit logs? Applicable Format - Software and Hardware Given below is the list of different severity levels with corresponding meaning: ·         Emergency : System is not usable ·         Alert: Action must be taken immediately ·         Critical: Critical condition ·         Error: Error condition ·         Warning: Warning condition ·         Notice: Normal but significant condition ·         Info: Informational ·         Debug: Debug-level messages 1.3.9. Open Source Cyberoam iView - Logs Archives 1.3.9.1. What is the meaning and need of archive logs? Applicable Format - Software and Hardware   Archive logs are collection of historical records, which are the initial line of forensic investigation. Cyberoam iView retains archive log data for the configured period. Data Retention period can be configured from the System → Configuration→ Data Management page. For further details, refer to Data Management section of Administrator Guide. 1.3.9.2. What is the meaning of various operations displayed under Action column? Applicable Format - Software and Hardware   Action column of Archive section displays various operations that can be performed on archive files. Given below is the name and description of the operations:   ·         Load: Load archived file from your local drive to the Cyberoam iView database.   ·         Unload: Unload archived file from Cyberoam iView database.   ·         Search: Perform a refined search based on multiple criteria. ·         Backup: Take backup of selected file on the machine on which Cyberoam iView is installed.       1.3.9.3. Why the checkbox against one of the file in archive section is disabled? Applicable Format - Software and Hardware   Cyberoam iView stores archived data for a specified day in four files and each file contains data for 6 hours. You can perform various actions on the archived files e.g, load, unload, search and backup. There are two possibilities for displaying disabled checkbox: ·         The archive file is not created yet ·         The file is loaded to Cyberoam iView database in this case selected disabled checkbox will be displayed. Please note that you need to load the archive file in Cyberoam iView database to perform unload and search operations.