[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Logging question
Yes. - - Robert P. MacDonald, Network Engineer Team Lead, e-Business Infrastructure G o r d o n F o o d S e r v i c e Voice:email: [email protected] >>> Ian Campbell <[email protected]> 11/16/00 1:11:45 PM >>> > >Could these 1918 addresses be used for WAN links by your ISP? > >-----Original Message----- >From: Tom Sevy [mailto:[email protected]] >Sent: Thursday, November 16, 2000 9:48 AM >To: 'Hoang'; [email protected] >Subject: RE: [FW1] Logging question > >We see *lots* of RFC 1918 (illegal internet, set aside for internal) >addresses. Ended up putting in throrough Access lists in my border routers >to stop them (with syslog logging to another host, so I still see them, but >not at the FW logs, only in the Syslogs). > >-----Original Message----- >From: Hoang [mailto:[email protected]] >Sent: Thursday, November 16, 2000 11:06 AM >To: [email protected] >Subject: [FW1] Logging question > >Lately, I've noticed from the log that I got a lot of drop records >generating from 192.168.27.x to my FW external interface. The 192.168.27.x >network is a private class C, and it is not part of my internal network. >The ports are 9960, 15994, 17600, etc.. All high ports. Can anyone give >some insight on this? > >Thanks >Hoang ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|