Snort mailing list archives
Re: Snort/Logsnorter/PureSecure Cisco ACL's
From: "Michael Scheidell" <scheidell () secnap net>
Date: Mon, 17 Nov 2003 09:10:42 -0500
At the very least, it means that the clock on the cisco box is not ntp synced, and therefore you cannot trust it: see the *Nov 12 00:09:21? (its the '*') : Nov 12
00:11:03 c4700 3062: *Nov 12 00:09:21 EST: %SEC-6-IPACCESSLOGP: list 185 denied tcp XX.XX.XXX.XXX(52076) -> YY.YY.YYY.YYY(135), 2 packets
-- Michael Scheidell SECNAP Network Security 561-368-9561 x 1131 www.secnap.com ------------------------------------------------------- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort/Logsnorter/PureSecure Cisco ACL's Dave Lewis (Nov 13)
- <Possible follow-ups>
- Re: Snort/Logsnorter/PureSecure Cisco ACL's Michael Scheidell (Nov 17)
- Re: Snort/Logsnorter/PureSecure Cisco ACL's Dave Lewis (Nov 21)