Altair Technologies - "sample" firewall log analysis for
06/10/2002 00:00:00 to 06/10/2002 23:59:59

Summary

Process	Events		Duration (in minutes)	Sent (in MB)	Rcvd (in MB)	Types
Process	Processed	Reported	Duration (in minutes)	Sent (in MB)	Rcvd (in MB)	Info	Notice	Warning	Error	Alert	Critical	Emergency
cifsd	3	3	0	0	0	3
dnsd	116	116	0	0	0	116
eaglelogd	2	2	0	0	0	2
ftpd	4	4	0	0	3	4
gwcontrol	1,027	1,027	0	0	0		1,024			3
httpd	749	749	27	149	1,390	674	1	74
kernel	609	609	0	0	0		12	597
nbdgramd	196	196	7	0	0	196
notifyd	2	2	0	0	0			1			1
pingd	285	285	306	19	19	284		1
readhawk	7	7	0	3	1,113	4		1		2
smtp	31	31	3	243	7	19	6	3		3
tcp-gsp	1	1	0	0	0			1
tcpap-gsp	28	28	1	0	0	2		13	13
udp-gsp	885	885	30	15	15	833		52
vultured	1	1	0	0	0				1
Totals	3,946	3,946	374	429	2,547	2,137	1,043	743	14	8	1	0
Filtered	0

Research links

CIFSD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 09:24:18	06/10/02 09:24:40	3	Statistics: duration=nnn id=nnn src=192.168.0.231/pppp proto=cifs (Disconnected prematurely)

DNSD - Back to top

No.	Type	Start	End	Count	Message
1	120	06/10/02 00:22:55	06/10/02 23:52:31	15	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
2	120	06/10/02 00:13:30	06/10/02 23:59:46	14	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 142.0.42.10.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
3	120	06/10/02 00:12:49	06/10/02 03:39:49	9	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
4	120	06/10/02 03:36:04	06/10/02 23:42:53	6	dnsd Info: Failed to handle request from 172.32.10.11 for StartOfAuthority for 102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
5	120	06/10/02 19:45:39	06/10/02 20:24:38	6	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 12.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
6	120	06/10/02 00:58:32	06/10/02 03:43:41	6	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 142.0.42.10.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
7	120	06/10/02 00:11:03	06/10/02 03:14:01	4	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 40.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
8	120	06/10/02 00:33:07	06/10/02 23:28:12	4	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 71.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
9	120	06/10/02 00:28:38	06/10/02 22:28:43	4	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
10	120	06/10/02 19:46:42	06/10/02 21:36:43	3	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 198.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
11	120	06/10/02 18:28:13	06/10/02 18:28:13	3	dnsd Info: Refusing request from 216.33.87.9 (on interface 34.28.69.34) for Address for . - not authoritative and not recursing for this request
12	120	06/10/02 01:16:31	06/10/02 23:38:38	3	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 207.0.42.10.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
13	120	06/10/02 00:12:31	06/10/02 03:15:31	3	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 128.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
14	120	06/10/02 16:57:47	06/10/02 16:57:47	3	dnsd Info: Refusing request from 216.33.87.8 (on interface 34.28.69.34) for Address for . - not authoritative and not recursing for this request
15	120	06/10/02 00:14:01	06/10/02 23:37:05	3	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 205.0.42.10.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
16	120	06/10/02 01:35:38	06/10/02 03:47:52	3	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 11.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
17	120	06/10/02 01:23:37	06/10/02 19:43:39	3	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
18	120	06/10/02 00:23:01	06/10/02 19:42:05	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
19	120	06/10/02 09:30:31	06/10/02 09:31:42	2	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 2.221.5.209.in-addr.arpa. - no progress possible (ntserver.microsoft.ca./No NS address, ns.sprint-canada.net./Lame)
20	120	06/10/02 20:40:39	06/10/02 23:41:30	2	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 11.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
21	120	06/10/02 02:14:43	06/10/02 02:14:43	2	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 12.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
22	120	06/10/02 00:26:01	06/10/02 22:48:05	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 41.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
23	120	06/10/02 19:30:06	06/10/02 20:31:05	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 40.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
24	120	06/10/02 19:31:36	06/10/02 20:32:36	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 128.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
25	120	06/10/02 01:35:30	06/10/02 01:37:16	2	dnsd Info: Failed to handle request from 172.32.10.11 for StartOfAuthority for 102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
26	120	06/10/02 01:03:41	06/10/02 01:03:41	1	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
27	120	06/10/02 20:42:21	06/10/02 20:42:21	1	dnsd Info: Failed to handle request from 172.32.10.11 for StartOfAuthority for 102.17.172.in-addr.arpa. - failsafe timeout expired (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
28	120	06/10/02 00:32:45	06/10/02 00:32:45	1	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.102.17.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
29	120	06/10/02 01:23:37	06/10/02 01:23:37	1	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
30	120	06/10/02 20:42:05	06/10/02 20:42:05	1	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 12.102.17.172.in-addr.arpa. - failsafe timeout expired (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
!!!	There were 33 messages to be reported but the listing is limited to 30.

EAGLELOGD - Back to top

No.	Type	Start	End	Count	Message
1	108	06/10/02 00:00:01	06/10/02 00:00:01	1	starting new log file. UTC offset is -0500, Year is 2002, Raptor Security Gateway is 6.5, OS is "NT 4.0 (Build 1381: Service Pack 5)", Platform is "Intel x86"
2	107	12/25/02 00:00:03	12/25/02 00:00:03	1	closing log file

FTPD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 12:35:58	06/10/02 12:35:58	1	Statistics: duration=nnn id=nnn rid=187ti rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp cldst=161.69.2.7/17291 svsrc=64.39.69.34/pppp dst=161.69.2.7/3376 op=LIST arg=/pub/antivirus/datfiles/4.x result="226 Transfer complete." proto=ftp-data
2	121	06/10/02 12:35:57	06/10/02 12:35:57	1	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp svsrc=64.39.69.34/pppp dstif=Vpn3 dst=161.69.2.7/21 proto=ftp rule=1
3	121	06/10/02 12:35:57	06/10/02 12:35:57	1	Statistics: duration=nnn id=nnn rid=187tf rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp cldst=161.69.2.7/17597 svsrc=64.39.69.34/pppp dst=161.69.2.7/3364 op=LIST arg=/pub/antivirus/datfiles/4.x result="226 Transfer complete." proto=ftp-data
4	121	06/10/02 12:35:57	06/10/02 12:35:57	1	Statistics: duration=nnn id=nnn rid=187tf rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp cldst=161.69.2.7/15088 svsrc=64.39.69.34/pppp dst=161.69.2.7/3370 op=RETR arg=/pub/antivirus/datfiles/4.x/DELTA.INI result="226 Transfer complete." proto=ftp-data

GWCONTROL - Back to top

No.	Type	Start	End	Count	Message
1	201	06/10/02 00:00:57	06/10/02 23:59:46	196	nbdgram: access denied for 192.168.0.142 to 199.166.214.133 [default rule] [no rules found]
2	201	06/10/02 00:34:33	06/10/02 23:52:46	89	53/udp: access denied for 172.32.10.11 to a.root-servers.net [default rule] [no rules found]
3	201	06/10/02 03:48:12	06/10/02 23:52:46	65	53/udp: access denied for 172.32.10.11 to m.root-servers.net [default rule] [no rules found]
4	201	06/10/02 00:34:39	06/10/02 23:52:47	63	53/udp: access denied for 172.32.10.11 to d.root-servers.net [default rule] [no rules found]
5	201	06/10/02 00:34:36	06/10/02 23:52:47	62	53/udp: access denied for 172.32.10.11 to b.root-servers.net [default rule] [no rules found]
6	201	06/10/02 00:34:36	06/10/02 23:52:47	60	53/udp: access denied for 172.32.10.11 to c.root-servers.net [default rule] [no rules found]
7	201	06/10/02 00:36:17	06/10/02 19:41:21	54	53/udp: access denied for 172.32.10.12 to blackhole.isi.edu [default rule] [no rules found]
8	201	06/10/02 00:34:33	06/10/02 19:39:50	53	53/udp: access denied for 172.32.10.11 to blackhole.isi.edu [default rule] [no rules found]
9	201	06/10/02 01:35:11	06/10/02 22:42:16	49	53/udp: access denied for 172.32.10.11 to 192.203.230.10 [default rule] [no rules found]
10	201	06/10/02 03:48:12	06/10/02 23:53:02	49	53/udp: access denied for 172.32.10.11 to k.root-servers.net [default rule] [no rules found]
11	201	06/10/02 03:48:12	06/10/02 19:52:48	48	53/udp: access denied for 172.32.10.11 to f.root-servers.net [default rule] [no rules found]
12	201	06/10/02 03:48:12	06/10/02 19:52:48	48	53/udp: access denied for 172.32.10.11 to rns.arl.mil [default rule] [no rules found]
13	201	06/10/02 03:48:12	06/10/02 19:52:48	47	53/udp: access denied for 172.32.10.11 to j.root-servers.net [default rule] [no rules found]
14	201	06/10/02 03:48:12	06/10/02 19:52:48	47	53/udp: access denied for 172.32.10.11 to i.root-servers.net [default rule] [no rules found]
15	201	06/10/02 03:48:12	06/10/02 19:52:48	47	53/udp: access denied for 172.32.10.11 to G.ROOT-SERVERS.NET [default rule] [no rules found]
16	201	06/10/02 03:48:12	06/10/02 11:52:10	26	53/udp: access denied for 172.32.10.11 to l.root-servers.net [default rule] [no rules found]
17	201	06/10/02 00:34:39	06/10/02 23:41:31	18	53/udp: access denied for 172.32.10.11 to E.ROOT-SERVERS.NET [default rule] [no rules found]
18	201	06/10/02 04:50:04	06/10/02 20:08:06	2	http: access denied for sntc01hpov.exodus.net to samplefw.ffhexodustor.com [default rule] [no rules found]
19	501	06/10/02 00:10:24	06/10/02 00:10:24	1	access from 209.47.167.99 to 172.17.102.10 [rule id 6]: over 5 tries in 1 hour
20	201	06/10/02 01:45:48	06/10/02 01:45:48	1	http: access denied for 62.254.209.4 to samplefw.ffhexodustor.com [default rule] [no rules found]
21	501	06/10/02 00:10:24	06/10/02 00:10:24	1	access from 209.47.167.99 to 172.17.102.10 [rule id 6]: over 1020 tries in 7 days
22	501	06/10/02 00:10:24	06/10/02 00:10:24	1	access from 209.47.167.99 to 172.17.102.10 [rule id 6]: over 367 tries in 1 day

HTTPD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 00:00:48	06/10/02 23:56:52	573	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=34.28.65.8/pppp cldst=34.28.69.36/80 svsrc=34.28.65.8/pppp dstif=Vpn6 dst=172.32.10.10/80 op=GET arg=http://172.32.10.10/ result="200 OK" proto=http rule=2
2	310	06/10/02 04:20:24	06/10/02 20:06:04	60	user.producerpartners.com 208.3.107.170: can't verify reverse address
3	310	06/10/02 02:13:58	06/10/02 20:41:05	14	user.producerpartners.com 208.3.107.171: can't verify reverse address
4	121	06/10/02 12:38:52	06/10/02 12:47:01	7	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.206.240.100/pppp cldst=34.28.69.34/443 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/443 proto=http-https state=rsa/rc4_128_md5 rule=11 (Unknown error)
5	121	06/10/02 12:36:57	06/10/02 12:38:56	5	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.206.240.100/pppp cldst=34.28.69.34/443 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/443 proto=http-https state=rsa/rc4_128_md5 rule=11
6	121	06/10/02 09:31:57	06/10/02 09:37:25	4	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=209.5.221.2/pppp cldst=34.28.69.34/443 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/443 proto=http-https state=rsa/rc4_128_md5 rule=11
7	121	06/10/02 06:11:37	06/10/02 18:11:34	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=209.205.38.34/pppp cldst=64.39.69.33/80 svsrc=209.205.38.34/pppp dstif=Vpn6 dst=172.32.10.11/80 op=GET arg=http://intrapxy1.altairtech.ca/ffhtoronto/images/logon_top.jpg result="304 Not Modified" proto=http rule=2
8	121	06/10/02 02:14:31	06/10/02 14:14:08	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_top.jpg result="304 Not Modified" proto=http rule=2
9	121	06/10/02 07:44:26	06/10/02 19:45:29	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/transparent.gif result="304 Not Modified" proto=http rule=2
10	121	06/10/02 07:45:05	06/10/02 19:45:08	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/help/portal_help_top.htm result="304 Not Modified" proto=http rule=2
11	121	06/10/02 07:44:45	06/10/02 19:45:23	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/help/menu.htm result="304 Not Modified" proto=http rule=2
12	121	06/10/02 08:05:06	06/10/02 20:06:04	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/corechange.gif result="304 Not Modified" proto=http rule=2
13	121	06/10/02 04:20:24	06/10/02 16:21:26	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/portalfunctions/WebAlign/images/header_priority.gif result="304 Not Modified" proto=http rule=2
14	121	06/10/02 08:05:21	06/10/02 20:06:03	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_left.jpg result="304 Not Modified" proto=http rule=2
15	121	06/10/02 07:45:35	06/10/02 19:45:13	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_mid_right.gif result="304 Not Modified" proto=http rule=2
16	121	06/10/02 04:50:04	06/10/02 20:08:06	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.33.139.166/pppp dst=34.28.69.34/80 op=HEAD arg=/ result="403 Forbidden" proto=http (request denied by gwcontrol)
17	121	06/10/02 08:40:13	06/10/02 20:41:10	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_bottom.jpg result="304 Not Modified" proto=http rule=2
18	121	06/10/02 07:45:30	06/10/02 19:44:59	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/controls/windowssso.cab result="304 Not Modified" proto=http rule=2
19	121	06/10/02 07:45:20	06/10/02 19:45:03	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_mid_left.gif result="304 Not Modified" proto=http rule=2
20	121	06/10/02 07:45:15	06/10/02 19:45:03	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/help/user_interface.gif result="304 Not Modified" proto=http rule=2
21	121	06/10/02 08:23:02	06/10/02 20:24:00	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/login.css result="304 Not Modified" proto=http rule=2
22	121	06/10/02 07:46:25	06/10/02 19:45:29	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/window_change_tab.gif result="304 Not Modified" proto=http rule=2
23	121	06/10/02 07:45:50	06/10/02 19:45:13	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/header_logout.gif result="304 Not Modified" proto=http rule=2
24	121	06/10/02 04:20:26	06/10/02 16:21:26	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/default.css result="304 Not Modified" proto=http rule=2
25	121	06/10/02 06:07:22	06/10/02 18:08:25	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_background.gif result="304 Not Modified" proto=http rule=2
26	121	06/10/02 07:46:10	06/10/02 19:45:28	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/header_tab_edge.gif result="304 Not Modified" proto=http rule=2
27	121	06/10/02 07:46:20	06/10/02 19:45:29	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/window_frame_background.gif result="304 Not Modified" proto=http rule=2
28	121	06/10/02 02:14:30	06/10/02 14:14:05	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/mi2g.gif result="304 Not Modified" proto=http rule=2
29	121	06/10/02 07:44:40	06/10/02 19:45:23	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/window_maximize.gif result="304 Not Modified" proto=http rule=2
30	121	06/10/02 06:11:28	06/10/02 18:11:34	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=209.205.38.34/pppp cldst=64.39.69.33/80 svsrc=209.205.38.34/pppp dstif=Vpn6 dst=172.32.10.11/80 op=GET arg=http://intrapxy1.altairtech.ca/ffhtoronto/images/mi2g.gif result="304 Not Modified" proto=http rule=2
!!!	There were 51 messages to be reported but the listing is limited to 30.

KERNEL - Back to top

No.	Type	Start	End	Count	Message
1	301	06/10/02 00:02:01	06/10/02 23:58:11	545	Internal warning: TCP session [state: 3, inactive for nn seconds] between 34.28.65.8/pppp and 34.28.69.36/80 timed out due to inactivity
2	226	06/10/02 00:34:22	06/10/02 13:30:54	12	IP packet dropped (sntc01hpov.exodus.net[216.33.139.166]->mail.altairtech.ca[34.28.69.34]: Protocol=ICMP[Mask request]): Unusual or disallowed ICMP (received on interface 34.28.69.34)
3	301	06/10/02 06:12:41	06/10/02 18:12:41	6	Internal warning: TCP session [state: 3, inactive for nn seconds] between 209.205.38.34/pppp and 64.39.69.33/80 timed out due to inactivity
4	301	06/10/02 00:42:24	06/10/02 17:44:33	5	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.52.49.35/pppp and 34.28.69.34/25 timed out due to inactivity
5	301	06/10/02 09:32:31	06/10/02 09:38:35	4	Internal warning: TCP session [state: 3, inactive for nn seconds] between 209.5.221.2/pppp and 34.28.69.34/443 timed out due to inactivity
6	301	06/10/02 04:51:27	06/10/02 20:08:33	2	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.33.139.166/pppp and 34.28.69.34/80 timed out due to inactivity
7	301	06/10/02 12:37:24	06/10/02 12:42:00	2	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.206.240.100/pppp and 34.28.69.34/443 timed out due to inactivity
8	301	06/10/02 12:42:33	06/10/02 12:42:33	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/4528 timed out due to inactivity
9	301	06/10/02 17:18:05	06/10/02 17:18:05	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/9468 timed out due to inactivity
10	301	06/10/02 12:47:01	06/10/02 12:47:01	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.141/pppp and 24.0.95.25/25 timed out due to inactivity
11	301	06/10/02 20:50:40	06/10/02 20:50:40	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.208.64.162/pppp and 34.28.69.34/25 timed out due to inactivity
12	301	06/10/02 12:47:01	06/10/02 12:47:01	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 24.0.95.25/pppp and 34.28.69.34/4594 timed out due to inactivity
13	301	06/10/02 09:04:18	06/10/02 09:04:18	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/1025 timed out due to inactivity
14	301	06/10/02 13:55:25	06/10/02 13:55:25	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/5844 timed out due to inactivity
15	301	06/10/02 09:38:35	06/10/02 09:38:35	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/1604 timed out due to inactivity
16	301	06/10/02 12:47:01	06/10/02 12:47:01	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.141/pppp and 216.33.238.136/25 timed out due to inactivity
17	301	06/10/02 12:47:01	06/10/02 12:47:01	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.33.238.136/pppp and 34.28.69.34/4597 timed out due to inactivity
18	301	06/10/02 07:46:26	06/10/02 07:46:26	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 172.32.10.10/pppp and 34.28.65.8/8608 timed out due to inactivity
19	301	06/10/02 00:42:24	06/10/02 00:42:24	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/1177 timed out due to inactivity
20	301	06/10/02 09:34:34	06/10/02 09:34:34	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/1567 timed out due to inactivity
21	301	06/10/02 09:34:34	06/10/02 09:34:34	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/1556 timed out due to inactivity
22	301	06/10/02 07:46:26	06/10/02 07:46:26	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 172.32.10.10/pppp and 34.28.65.8/8622 timed out due to inactivity
23	301	06/10/02 07:47:24	06/10/02 07:47:24	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 172.32.10.10/pppp and 34.28.65.8/8631 timed out due to inactivity
24	301	06/10/02 12:47:01	06/10/02 12:47:01	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.141/pppp and 209.226.175.82/25 timed out due to inactivity
25	301	06/10/02 12:47:01	06/10/02 12:47:01	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 209.82.62.48/pppp and 34.28.69.34/4590 timed out due to inactivity
26	301	06/10/02 01:47:04	06/10/02 01:47:04	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 62.254.209.4/pppp and 34.28.69.34/80 timed out due to inactivity
27	301	06/10/02 17:44:33	06/10/02 17:44:33	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/9954 timed out due to inactivity
28	301	06/10/02 12:37:24	06/10/02 12:37:24	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/4451 timed out due to inactivity
29	301	06/10/02 19:19:46	06/10/02 19:19:46	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 172.32.10.10/pppp and 34.28.65.8/2727 timed out due to inactivity
30	301	06/10/02 12:47:01	06/10/02 12:47:01	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.141/pppp and 209.82.62.48/25 timed out due to inactivity
!!!	There were 40 messages to be reported but the listing is limited to 30.

NBDGRAMD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 00:00:57	06/10/02 23:59:46	195	Statistics: duration=nnn id=nnn srcif=Vpn4 src=192.168.0.142/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=199.166.214.133/pppp proto=nbdgram (Not authorized)
2	121	06/10/02 01:43:17	06/10/02 01:43:17	1	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn4 src=192.168.0.142/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=199.166.214.133/pppp proto=nbdgram (Not authorized)

NOTIFYD - Back to top

No.	Type	Start	End	Count	Message
1	308	06/10/02 15:42:12	06/10/02 15:42:12	1	Warning: can't lookup host mail.altairtech.ca
2	606	06/10/02 15:42:12	06/10/02 15:42:12	1	failed to notify: transport=Mail, priority=Error, (adrian@altairtech.ca, 0)

PINGD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 00:03:10	06/10/02 23:58:21	283	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.33.139.166 dst=34.28.69.34 proto=ping (Implicitly allowed -- local interface)
2	343	06/10/02 09:30:37	06/10/02 09:30:37	1	Interfaces Warning: Unable to determine tunnel information for destination address 34.28.69.40 - is the system local and down? -- test connectivity with ping
3	121	06/10/02 09:30:37	06/10/02 09:30:37	1	Statistics: duration=nnn id=nnn sent=nnn src=209.5.221.2 dst=34.28.69.40 proto=ping (failed to get call addressing information)

READHAWK - Back to top

No.	Type	Start	End	Count	Message
1	512	06/10/02 14:56:11	06/10/02 14:56:11	1	Unauthorized remote connect attempt from host 216.208.64.162 (no entry in remkeys -- access to remote logging functions are denied)Jun 10 14:57:47.359 samplefw httpd: 121 Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=34.28.65.8/pppp cldst=34.28.69.36/80 svsrc=34.28.65.8/pppp dstif=Vpn6 dst=172.32.10.10/80 op=GET arg=http://172.32.10.10/ result="200 OK" proto=http rule=2
2	115	06/10/02 01:03:18	06/10/02 01:03:18	1	remotelog: remote management connection from host 172.18.10.10
3	343	06/10/02 11:40:18	06/10/02 11:40:18	1	readhawk Warning: Key negotiation failure -- probably incorrect password
4	115	06/10/02 11:40:17	06/10/02 11:40:17	1	readhawk: remote management connection from host 172.18.10.39
5	512	06/10/02 14:54:05	06/10/02 14:54:05	1	Unauthorized remote connect attempt from host 216.208.64.162 (no entry in remkeys -- access to remote management functions are denied)
6	121	06/10/02 01:03:48	06/10/02 01:03:48	1	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=172.18.10.10/pppp dst=192.168.0.130/417 proto=remotelog
7	116	06/10/02 01:03:48	06/10/02 01:03:48	1	remotelog: remote management completed

SMTP - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 03:43:01	06/10/02 09:44:44	3	Statistics: duration=nnn id=nnn rcvd=nnn srcif=Vpn4 src=192.168.0.141/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=63.79.76.132/pppp proto=smtp rule=1 (Cannot connect to server)
2	228	06/10/02 03:43:51	06/10/02 09:45:33	3	smtp: can't connect to gateway.kellogg.com port 25 (Connection timed out.)
3	121	06/10/02 03:43:51	06/10/02 09:45:33	3	Statistics: duration=nnn id=nnn rcvd=nnn srcif=Vpn4 src=192.168.0.141/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=198.108.149.20/pppp proto=smtp rule=1 (Cannot connect to server)
4	228	06/10/02 03:43:01	06/10/02 09:44:44	3	smtp: can't connect to 63.79.76.132 port 25 (Connection refused.)
5	121	06/10/02 13:55:18	06/10/02 13:55:18	1	Statistics: duration=nnn user=<> id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.222.100.67/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 1 recips" arg=<0037153511818c0WEB012@web012.intranets.com> result="250 2.6.0 <0037153511818c0WEB012@web012.intranets.com> Queued mail for delivery" proto=smtp rule=11
6	121	06/10/02 09:03:03	06/10/02 09:03:03	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.52.49.35/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 1 recips" arg=<20001224135859.18045.qmail@web5505.mail.yahoo.com> result="250 2.6.0 <20001224135859.18045.qmail@web5505.mail.yahoo.com> Queued mail for delivery" proto=smtp rule=11
7	121	06/10/02 20:49:28	06/10/02 20:49:28	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.208.64.162/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 2 recips" arg=<200012250144.UAA11151@effhsun01.acme.com> result="250 2.6.0 <200012250144.UAA11151@effhsun01.acme.com> Queued mail for delivery" proto=smtp rule=11
8	310	06/10/02 14:27:39	06/10/02 14:27:39	1	nameservices.net 216.117.150.153: can't verify reverse address - mismatched reverse lookup: 208.234.1.33
9	121	06/10/02 00:41:29	06/10/02 00:41:29	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.52.49.35/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 1 recips" result="250 2.6.0 Queued mail for delivery" proto=smtp rule=11
10	121	06/10/02 10:07:33	06/10/02 10:07:33	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=204.68.24.28/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 1 recips" arg=<20001224150409.18818.qmail@nw128.netaddress.usa.net> result="250 2.6.0 <20001224150409.18818.qmail@nw128.netaddress.usa.net> Queued mail for delivery" proto=smtp rule=11
11	121	06/10/02 17:16:29	06/10/02 17:16:29	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.52.49.35/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 1 recips" arg=<200012242212.eBOMCmF63404@hub.org> result="250 2.6.0 <200012242212.eBOMCmF63404@hub.org> Queued mail for delivery" proto=smtp rule=11
12	121	06/10/02 12:42:04	06/10/02 12:42:04	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.52.49.35/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 1 recips" arg=<20001224172412.16629.qmail@sun01293.dn.net> result="250 2.6.0 <20001224172412.16629.qmail@sun01293.dn.net> Queued mail for delivery" proto=smtp rule=11
13	514	06/10/02 05:20:31	06/10/02 05:20:31	1	smtpd: Unauthorized SMTP protocol: command 'WIZ' from gateway.tescom.co.uk ([194.205.85.2])Jun 10 05:21:40.593 samplefw httpd: 121 Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=34.28.65.8/pppp cldst=34.28.69.36/80 svsrc=34.28.65.8/pppp dstif=Vpn6 dst=172.32.10.10/80 op=GET arg=http://172.32.10.10/ result="200 OK" proto=http rule=2
14	121	06/10/02 12:45:40	06/10/02 12:45:40	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=192.168.0.141/pppp svsrc=34.28.69.34/pppp dstif=Vpn3 dst=216.129.36.12/25 op="To 1 recips" arg= result="250 MAA19911 Message accepted for delivery" proto=smtp rule=1
15	503	06/10/02 10:17:48	06/10/02 10:17:48	1	poptart.svr.home.net 24.0.26.24: reverse address 24.0.26.112,24.0.26.113 doesn't match -- denied
16	343	06/10/02 19:17:32	06/10/02 19:17:32	1	smtpd Warning: Sender from [10.42.0.141] tried to send to '' - Bad recipient format -- possible relay attempt
17	121	06/10/02 12:45:39	06/10/02 12:45:39	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=192.168.0.141/pppp svsrc=34.28.69.34/pppp dstif=Vpn3 dst=209.82.62.48/25 op="To 1 recips" arg= result="250 NAA17808 Message accepted for delivery" proto=smtp rule=1
18	121	06/10/02 12:45:39	06/10/02 12:45:39	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=192.168.0.141/pppp svsrc=34.28.69.34/pppp dstif=Vpn3 dst=24.0.95.25/25 op="To 1 recips" arg= result="250 JAA10307 Message accepted for delivery" proto=smtp rule=1
19	310	06/10/02 14:27:39	06/10/02 14:27:39	1	nameservices.net 216.117.150.153: can't verify reverse address - lookup does not include original address: 208.234.1.33
20	121	06/10/02 17:43:24	06/10/02 17:43:24	1	Statistics: duration=nnn user=<> id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.52.49.35/pppp cldst=34.28.69.34/25 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/25 op="To 1 recips" arg=<200012242236.OAA11994@p6.webshots.com> result="250 2.6.0 <200012242236.OAA11994@p6.webshots.com> Queued mail for delivery" proto=smtp rule=11
21	121	06/10/02 12:45:39	06/10/02 12:45:39	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=192.168.0.141/pppp svsrc=34.28.69.34/pppp dstif=Vpn3 dst=209.226.175.82/25 op="To 1 recips" arg= result="250 Message received: 20001224174217.KFZP13021.tomts10-srv.bellnexxia.net@mail.altairtech.ca" proto=smtp rule=1
22	121	06/10/02 12:45:40	06/10/02 12:45:40	1	Statistics: duration=nnn user= id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=192.168.0.141/pppp svsrc=34.28.69.34/pppp dstif=Vpn3 dst=216.33.238.136/25 op="To 2 recips" arg= result="250 Requested mail action okay, completed" proto=smtp rule=1
23	503	06/10/02 10:42:12	06/10/02 10:42:12	1	poptart.svr.home.net 24.0.26.24: reverse address 24.0.26.113,24.0.26.112 doesn't match -- denied

TCP-GSP - Back to top

No.	Type	Start	End	Count	Message
1	344	06/10/02 08:53:16	06/10/02 08:53:16	1	110/tcp: Non-transparent call from trt-on54-072.netcom.ca

TCPAP-GSP - Back to top

No.	Type	Start	End	Count	Message
1	401	06/10/02 08:34:44	06/10/02 08:34:44	6	Internal error: attempt to release a lock that is not held. Deadlock may result. (padlock_release, caller id string: "..\dgramdispatch.c 1198")
2	310	06/10/02 23:12:37	06/10/02 23:12:37	6	net233.ghaps.org 216.93.78.233: can't verify reverse address
3	401	06/10/02 08:34:44	06/10/02 08:34:44	5	Internal error: cannot create thread (Not enough storage is available to process this command. )
4	301	06/10/02 08:34:44	06/10/02 08:34:44	5	Internal warning: could not queue packet on authorization queue
5	343	06/10/02 08:34:44	06/10/02 08:34:44	2	Interfaces Warning: Unable to determine tunnel information for destination address 64.39.69.36 - is the system local and down? -- test connectivity with ping
6	401	06/10/02 08:34:44	06/10/02 08:34:44	1	Internal error: Process terminating with signal 11 [Access violation at 0x77f6ce0c: eax=0x0, ebx=0x477800, ecx=0x1, edx=0x77fa75c0, esi=0x349a9c, edi=0x0, ebp=0x16c9f960, esp=0x16c9f900, eip=0x77f6ce0c]
7	121	06/10/02 08:34:44	06/10/02 08:34:44	1	Statistics: duration=nnn id=nnn src=212.32.48.197/pppp dst=64.39.69.36/941 proto=941/tcp (failed to get call addressing information)
8	121	06/10/02 08:34:44	06/10/02 08:34:44	1	Statistics: duration=nnn id=nnn src=212.32.48.197/pppp dst=64.39.69.36/1544 proto=1544/tcp (failed to get call addressing information)
9	401	06/10/02 08:34:44	06/10/02 08:34:44	1	Internal error: Process terminating with signal 11 [Access violation at 0x77f6ce0c: eax=0x0, ebx=0x477800, ecx=0x0, edx=0x349a9c, esi=0x349a9c, edi=0x0, ebp=0x16d9f960, esp=0x16d9f900, eip=0x77f6ce0c]

UDP-GSP - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 00:34:33	06/10/02 21:40:25	80	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=198.41.0.4/pppp proto=53/udp (Not authorized)
2	121	06/10/02 00:34:39	06/10/02 23:52:47	59	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.8.10.90/pppp proto=53/udp (Not authorized)
3	121	06/10/02 00:34:39	06/10/02 23:42:32	59	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.203.230.10/pppp proto=53/udp (Not authorized)
4	121	06/10/02 03:51:26	06/10/02 23:42:15	54	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=202.12.27.33/pppp proto=53/udp (Not authorized)
5	121	06/10/02 00:36:17	06/10/02 19:41:21	54	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.12/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.9.64.26/pppp proto=53/udp (Not authorized)
6	121	06/10/02 00:34:33	06/10/02 19:39:50	53	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.9.64.26/pppp proto=53/udp (Not authorized)
7	121	06/10/02 00:34:36	06/10/02 23:52:47	53	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.9.0.107/pppp proto=53/udp (Not authorized)
8	121	06/10/02 00:34:36	06/10/02 23:52:47	52	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.33.4.12/pppp proto=53/udp (Not authorized)
9	310	06/10/02 01:35:11	06/10/02 23:52:50	51	norad.arc.nasa.gov 192.203.230.10: can't verify reverse address
10	121	06/10/02 03:51:20	06/10/02 19:48:31	47	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.63.2.53/pppp proto=53/udp (Not authorized)
11	121	06/10/02 03:51:23	06/10/02 23:53:02	47	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=193.0.14.129/pppp proto=53/udp (Not authorized)
12	121	06/10/02 03:51:23	06/10/02 15:52:27	46	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=198.41.0.10/pppp proto=53/udp (Not authorized)
13	121	06/10/02 03:51:20	06/10/02 19:48:27	46	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.5.5.241/pppp proto=53/udp (Not authorized)
14	121	06/10/02 03:51:20	06/10/02 19:48:31	46	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.112.36.4/pppp proto=53/udp (Not authorized)
15	121	06/10/02 03:51:23	06/10/02 15:52:27	45	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.36.148.17/pppp proto=53/udp (Not authorized)
16	121	06/10/02 03:51:26	06/10/02 11:52:10	25	Statistics: duration=nnn id=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=198.32.64.12/pppp proto=53/udp (Not authorized)
17	121	06/10/02 01:35:11	06/10/02 23:52:46	9	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.33.4.12/pppp proto=53/udp (Not authorized)
18	121	06/10/02 01:35:11	06/10/02 23:52:46	9	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.9.0.107/pppp proto=53/udp (Not authorized)
19	121	06/10/02 01:35:11	06/10/02 23:41:31	9	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.203.230.10/pppp proto=53/udp (Not authorized)
20	121	06/10/02 03:48:12	06/10/02 23:52:46	9	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=202.12.27.33/pppp proto=53/udp (Not authorized)
21	121	06/10/02 01:35:11	06/10/02 23:52:46	9	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=198.41.0.4/pppp proto=53/udp (Not authorized)
22	121	06/10/02 01:35:11	06/10/02 23:41:31	8	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.8.10.90/pppp proto=53/udp (Not authorized)
23	121	06/10/02 03:48:12	06/10/02 19:52:48	2	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=128.63.2.53/pppp proto=53/udp (Not authorized)
24	121	06/10/02 03:48:12	06/10/02 19:52:48	2	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.36.148.17/pppp proto=53/udp (Not authorized)
25	121	06/10/02 03:48:12	06/10/02 19:52:48	2	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=193.0.14.129/pppp proto=53/udp (Not authorized)
26	121	06/10/02 03:48:12	06/10/02 19:52:48	2	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.5.5.241/pppp proto=53/udp (Not authorized)
27	121	06/10/02 03:48:12	06/10/02 19:52:48	2	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=192.112.36.4/pppp proto=53/udp (Not authorized)
28	121	06/10/02 03:48:12	06/10/02 19:52:48	2	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=198.41.0.10/pppp proto=53/udp (Not authorized)
29	121	06/10/02 03:48:12	06/10/02 03:48:12	1	Statistics: duration=nnn id=nnn sent=nnn srcif=Vpn6 src=172.32.10.11/pppp svsrc=34.28.69.34 dstif=Vpn3 dst=198.32.64.12/pppp proto=53/udp (Not authorized)
30	343	06/10/02 09:30:37	06/10/02 09:47:31	1	Interfaces Warning: Unable to determine tunnel information for destination address 34.28.69.40 - is the system local and down? -- test connectivity with ping
!!!	There were 31 messages to be reported but the listing is limited to 30.

VULTURED - Back to top

No.	Type	Start	End	Count	Message
1	401	06/10/02 02:34:28	06/10/02 02:34:28	1	Internal error: can't get process name for process 281 (2: The system cannot find the file specified. )

Analysis duration: 2 seconds.
Log lines analyzed: 3,946
Analysis speed: 1,973 lines/second.

Back to Content