Great Circle Associates Firewalls
(September 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Denied packets with no protocol??
From: Rafi Sadowsky <rafi @ tavor . openu . ac . il>
Date: Tue, 3 Sep 1996 20:49:39 +0300 (IDT)
To: Rob Sansom <sansom @ connectix . com>
Cc: firewalls @ greatcircle . com
In-reply-to: <199609031546 . IAA05440 @ apu . connectix . com> 
you get this (no type) normally with an ip deny rule ( no subprotocol e.g.
TCP,UDP,ICMP... ) what is the deny rule that caused it ?



-- 
Rafi Sadowsky                                   rafi @
 tavor .
 openu .
 ac .
 il
[postmaster @
 openu .
 ac .
 il]                        FAX: +972-3-6460744

On Tue, 3 Sep 1996, Rob Sansom wrote:

> Anybody know what this is???  It appears to be from a dial in terminal 
> server in Germany.
> 
> denied 5 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:33:03 gate247159.connectix.com 2377: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 10 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:35:32 gate247159.connectix.com 2378: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 3 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:35:39 gate247159.connectix.com 2379: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 9 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:38:27 gate247159.connectix.com 2380: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 10 141.2.28.130 -> 204.247.159.244, 3 packets
> Aug 30 14:44:27 gate247159.connectix.com 2381: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 10 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:54:45 gate247159.connectix.com 2382: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 15 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:54:45 gate247159.connectix.com 2383: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 11 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:56:27 gate247159.connectix.com 2384: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 10 141.2.28.130 -> 204.247.159.244, 2 packets
> Aug 30 14:56:45 gate247159.connectix.com 2385: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 4 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 14:57:27 gate247159.connectix.com 2386: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 5 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 15:01:41 gate247159.connectix.com 2387: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 12 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 15:03:16 gate247159.connectix.com 2388: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 14 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 15:03:27 gate247159.connectix.com 2389: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 15 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 15:03:27 gate247159.connectix.com 2390: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 11 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 15:03:27 gate247159.connectix.com 2391: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 9 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 15:03:29 gate247159.connectix.com 2392: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 8 141.2.28.130 -> 204.247.159.244, 1 packet
> Aug 30 15:07:27 gate247159.connectix.com 2393: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 12 141.2.28.130 -> 204.247.159.244, 5 packets
> Aug 30 15:08:27 gate247159.connectix.com 2394: %SEC-6-IPACCESSLOGNP: list 
> 120 denied 14 141.2.28.130 -> 204.247.159.244, 2 packets
> Aug 30 15:18:34 gate247159.connectix.com 2395: %SEC-6-IPACCESSLOGP: list 
> 120
> 
> Rob Sansom
> Network Admin.
> Connectix Corp
> (415) 638-7398
> sansom @
 connectix .
 com
>
References:
Indexed By Date Previous: Re: Firewall-1 Logs
From: sj @ bear . com (Shahryar Jahangir)
Next: Re: C2 certified OS that can run a firewall
From: Rick Smith <smith @ sctc . com>
Indexed By Thread Previous: Denied packets with no protocol??
From: Rob Sansom <sansom @ connectix . com>
Next: Re: NT port activity list
From: Bill Stout <bill . stout @ hidata . com>
Google
 
Search Internet Search www.greatcircle.com