I am getting a lot of drops on service 2301
from some of my servers that are internal but are behind an internal NT
router.
The Service is: 2301
Source: 10.0.0.6, 10.0.0.5,
etc...
Destination: 255.255.255.255
Protocol: UDP
RULE: 0
I have shut down ALL compaq management agents
on all my servers as i was told what service 2301 was. But this
service still shows up as a drop in my logs.
These drops are showing up so often that it
is growing my log at 1MB+/ day, and I had to do a frequent fw
logswitch or else I could not open my log viewer.
My internal net range is
192.100.101.0/24
But There are some servers on the 10.0.0.0/8
network
There is an NT router that separates these
two internal networks.
FW--------192.100.101.0/24 ------------
NTROUTER ------10.0.0.0/8
We do not care about 10.0.0.0/8 as far as
browsing the internet is concerned. We have not defined a network object
for 10.0.0.0 on our firewall. But these drops keep showing up on my
firewall logs.
Any help much
appreciated.