Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Why does i have many pakets of this type

To: "Fw-1 Mailinglist" <[email protected]>
Subject: RE: [FW1] Why does i have many pakets of this type
From: "Hermann Strassner" <[email protected]>
Date: Thu, 15 Feb 2001 22:50:23 +0100
Importance: Normal
In-reply-to: <[email protected]>
Sender: [email protected]

Hello Larry,

i think you are right. But why does i have so many of these packets? What could be the reason for this?

The info filed says only: "len xx".

best regards
Hermann

> -----Original Message-----
> From: Larry Pingree [mailto:[email protected]]
> Sent: Thursday, February 15, 2001 8:53 PM
> To: Hermann Strassner; Fw-1 Mailinglist
> Subject: Re: [FW1] Why does i have many pakets of this type
> 
> 
> If you are using Firewall-1 4.1 I would assume that maybe these might
> pre-established connections that may be timing out? Take a look in the
> "Info" field and tell me what do you see there?
> 
> 
> 
> -=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-
> Larry Pingree
> Sr. Security Consultant
> Email: [email protected]
> 
> SiegeWorks
> Company WebSite: http://www.siegeworks.com/
> Security Installation, Training and Consulting
> -=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-
> ----- Original Message -----
> From: Hermann Strassner <[email protected]>
> To: Fw-1 Mailinglist <[email protected]>
> Sent: Thursday, February 15, 2001 12:24 AM
> Subject: [FW1] Why does i have many pakets of this type
> 
> 
> >
> > Hello all!
> >
> > I have a lot of these pakets with high ports and i do not 
> understand why.
> May someone explain it to me?
> >
> > Action  Service Source                           Destination   
> Proto  Rule
> S_Port
> > "drop"  "1684"  "ns2.UUNet"                      "Mailserver"  
> "udp"  "29"
> "nameserver"
> > "drop"  "10933" "marktplatz02.ebay.is-kunden.de" "NS1"         
> "tcp"  "29"
> "http"
> > "drop"  "57896" "mbr-s05.websys.aol.com"         "NS1"         
> "tcp"  "29"
> "84"
> > "drop"  "4718"  "www03.chip.icpro.de"            "NS1"         
> "tcp"  "29"
> "http"
> > "drop"  "3416"  "tp160178.adsl.tisnet.net.tw"    "Mailserver"  
> "tcp"  "29"
> "smtp"
> > "drop"  "1684"  "ns1.UUNet"                      "Mailserver"  
> "udp"  "29"
> "nameserver"
> > "drop"  "10933" "marktplatz02.ebay.is-kunden.de" "NS1"         
> "tcp"  "29"
> "http"
> > "drop"  "57896" "mbr-s05.websys.aol.com"         "NS1"         
> "tcp"  "29"
> "84"
> > "drop"  "4718"  "www03.chip.icpro.de"            "NS1"         
> "tcp"  "29"
> "http"
> > "drop"  "3416"  "tp160178.adsl.tisnet.net.tw"    "Mailserver"  
> "tcp"  "29"
> "smtp"
> > "drop"  "1684"  "ns2.UUNet"                      "Mailserver"  
> "udp"  "29"
> "nameserver"
> >
> > I have "Accept Established TCP Connections" (Policy / Properties /
> AccessList)" on first.
> > SMTP connections and Nameserver traffic are OK, i haven´t 
> noticed anything
> else. It looks like there is only a small count of the 
> connections dropped.
> >
> > These errors are also in times where our Internet connection is not used
> up, and also with connections that do not go to the Internet, only to the
> DMZ.
> > Are there any other possible reasons?
> >
> > Hermann



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- Re: [FW1] Why does i have many pakets of this type
  - From: "Larry Pingree" <[email protected]>

References:
- Re: [FW1] Why does i have many pakets of this type
  - From: "Larry Pingree" <[email protected]>

Prev by Date: Re: [FW1] Very strange mail issue..
Next by Date: RE: [FW1] SecurRemote and Win2KPro
Previous by thread: Re: [FW1] Why does i have many pakets of this type
Next by thread: Re: [FW1] Why does i have many pakets of this type
Index(es):
- Date
- Thread