Security Incidents mailing list archives
Invalid IP address
From: Steven Lee <idsforensic () yahoo com>
Date: 21 Oct 2002 20:05:10 -0000
I am seeing this on my router syslog after I applied an access list on the internal interface. Can anyone tell me what this could be? The 68.84.8.41 is a comcast IP that is active on the network; however, someone inside our network is attempting to use it to go out to other sites? Thanks for your help. l7.Info X.X.X.X 38644: .Oct 21 13:40:27: %SEC-6-IPACCESSLOGP: list 101 denied tcp 68.84.8.41(0) -> 67.34.160.17(0), 1 packet 2002-10-21 13:35:37 Local7.Info X.X.X.X 38645: .Oct 21 13:40:28: % SEC-6-IPACCESSLOGP: list 101 denied tcp 68.84.8.41(0) -> 217.121.116.154 (0), 1 packet 2002-10-21 13:35:38 Local7.Info X.X.X.X 38646: .Oct 21 13:40:29: % SEC-6-IPACCESSLOGP: list 101 denied tcp 68.84.8.41(0) -> 141.156.130.147 (0), 1 packet 2002-10-21 13:35:39 Local7.Info X.X.X.X 38647: .Oct 21 13:40:30: % SEC-6-IPACCESSLOGP: list 101 denied tcp 68.84.8.41(0) -> 68.9.184.233(0), 2 packets 2002-10-21 13:35:40 Local7.Info X.X.X.X 38648: .Oct 21 13:40:32: % SEC-6-IPACCESSLOGP: list 101 denied tcp 68.84.8.41(0) -> 24.203.121.105 (0), 1 packet 2002-10-21 13:35:41 Local7.Info X.X.X.X 38649: .Oct 21 13:40:33: % SEC-6-IPACCESSLOGP: list 101 denied tcp 68.84.8.41(0) -> 67.82.63.49(0), 1 packet ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Invalid IP address Steven Lee (Oct 21)
- Re: Invalid IP address Kerry Thompson (Oct 21)
- Re: Invalid IP address David Pick (Oct 22)
- Re: Invalid IP address Dave Phelps (Oct 22)
- Re: Invalid IP address Jérôme Tytgat (Oct 23)
- Re: Invalid IP address Kerry Thompson (Oct 21)