Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Logging question

To: "'Hoang'" <[email protected]>, [email protected]
Subject: RE: [FW1] Logging question
From: Tom Sevy <[email protected]>
Date: Thu, 16 Nov 2000 12:48:04 -0500
Sender: [email protected]

We see *lots* of RFC 1918 (illegal internet, set aside for internal)
addresses.  Ended up putting in throrough Access lists in my border routers
to stop them (with syslog logging to another host, so I still see them, but
not at the FW logs, only in the Syslogs).

-----Original Message-----
From: Hoang [mailto:[email protected]]
Sent: Thursday, November 16, 2000 11:06 AM
To: [email protected]
Subject: [FW1] Logging question

Lately,  I've noticed from the log that I got a lot of drop records
generating from 192.168.27.x to my FW external interface.  The 192.168.27.x
network is a private class C, and it is not part of my internal network.
The ports are 9960, 15994, 17600, etc.. All high ports.  Can anyone give
some insight on this?

Thanks
Hoang

============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====

================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Upgrade to SP2
Next by Date: Re: [FW1] Create master rulebase from local
Previous by thread: Re: [FW1] Logging question
Next by thread: RE: [FW1] Logging question
Index(es):
- Date
- Thread