Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort/Logsnorter/PureSecure Cisco ACL's

From: "Michael Scheidell" <scheidell () secnap net>
Date: Mon, 17 Nov 2003 09:10:42 -0500
At the very least, it means that the clock on the cisco box is not ntp synced, and therefore you cannot trust it:

see the *Nov 12 00:09:21?

(its the '*')
: Nov 12

00:11:03 c4700 3062: *Nov 12 00:09:21 EST: %SEC-6-IPACCESSLOGP: list 185 denied
tcp XX.XX.XXX.XXX(52076) -> YY.YY.YYY.YYY(135), 2 packets


-- 
Michael Scheidell
SECNAP Network Security
561-368-9561 x 1131
www.secnap.com 


-------------------------------------------------------
This SF. Net email is sponsored by: GoToMyPC
GoToMyPC is the fast, easy and secure way to access your computer from
any Web browser or wireless device. Click here to Try it Free!
https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: