|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Firewall logs
Hello, This may be a little out of the subject matter but but u guys are the best to answer this. Last 13th one of our staff has accesed a website called www.bravenet.com and ever since (6 days now) a server from their domain "arrowrev.bravenet.com" it is trying to connect in to my proxy server http port every 2 minutes. My fw is dropping the packet on rule 0 with "unknown established TCP packet". My firewall only allows my internal clients to access my proxy. Therefore any attempt to access the proxy by any other machine should be dropped by the clean up rule. So I have 2 issues 1. Has anyone come across this web site trying to connect to internal machines?. If so any explanations? 2. Why does the fw drop the connection with "unknown established TCP packet" ?. The Secureknowladge site says "This message refers to a reply packet from an established connection for which FireWall-1 has no state information saved. " . Then why does it allow to establish a initial connection since this connection should never have been made as it is not allowed to access the proxy server ? Thanks in advance Nishan ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
