Altair Technologies - "sample" firewall log analysis for
06/10/2002 00:00:00 to 06/10/2002 23:59:59

Summary

Process	Events		Duration (in minutes)	Sent (in MB)	Rcvd (in MB)	Types
Process	Processed	Reported	Duration (in minutes)	Sent (in MB)	Rcvd (in MB)	Info	Notice	Warning	Error	Alert	Critical	Emergency
cifsd	3	3	0	0	0	3
dnsd	116	116	0	0	0	116
eaglelogd	2	2	0	0	0	2
ftpd	4	4	0	0	3	4
gwcontrol	1,027	1,027	0	0	0		1,024			3
httpd	749	749	27	149	1,390	674	1	74
kernel	609	609	0	0	0		12	597
nbdgramd	196	196	7	0	0	196
notifyd	2	2	0	0	0			1			1
pingd	285	285	306	19	19	284		1
readhawk	7	7	0	3	1,113	4		1		2
smtp	31	31	3	243	7	19	6	3		3
tcp-gsp	1	1	0	0	0			1
tcpap-gsp	28	28	1	0	0	2		13	13
udp-gsp	885	885	30	15	15	833		52
vultured	1	1	0	0	0				1
Totals	3,946	3,946	374	429	2,547	2,137	1,043	743	14	8	1	0
Filtered	0

Research links

CIFSD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 09:24:18	06/10/02 09:24:40	3	Statistics: duration=nnn id=nnn src=192.168.0.231/pppp proto=cifs (Disconnected prematurely)

DNSD - Back to top

No.	Type	Start	End	Count	Message
1	120	06/10/02 00:22:55	06/10/02 23:52:31	15	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
2	120	06/10/02 00:13:30	06/10/02 23:59:46	14	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 142.0.42.10.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
3	120	06/10/02 00:12:49	06/10/02 03:39:49	9	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
4	120	06/10/02 03:36:04	06/10/02 23:42:53	6	dnsd Info: Failed to handle request from 172.32.10.11 for StartOfAuthority for 102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
5	120	06/10/02 19:45:39	06/10/02 20:24:38	6	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 12.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
6	120	06/10/02 00:58:32	06/10/02 03:43:41	6	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 142.0.42.10.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
7	120	06/10/02 00:11:03	06/10/02 03:14:01	4	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 40.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
8	120	06/10/02 00:33:07	06/10/02 23:28:12	4	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 71.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
9	120	06/10/02 00:28:38	06/10/02 22:28:43	4	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
10	120	06/10/02 19:46:42	06/10/02 21:36:43	3	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 198.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
11	120	06/10/02 18:28:13	06/10/02 18:28:13	3	dnsd Info: Refusing request from 216.33.87.9 (on interface 34.28.69.34) for Address for . - not authoritative and not recursing for this request
12	120	06/10/02 01:16:31	06/10/02 23:38:38	3	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 207.0.42.10.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
13	120	06/10/02 00:12:31	06/10/02 03:15:31	3	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 128.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
14	120	06/10/02 16:57:47	06/10/02 16:57:47	3	dnsd Info: Refusing request from 216.33.87.8 (on interface 34.28.69.34) for Address for . - not authoritative and not recursing for this request
15	120	06/10/02 00:14:01	06/10/02 23:37:05	3	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 205.0.42.10.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
16	120	06/10/02 01:35:38	06/10/02 03:47:52	3	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 11.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
17	120	06/10/02 01:23:37	06/10/02 19:43:39	3	dnsd Info: Failed to handle request from 172.32.10.21 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
18	120	06/10/02 00:23:01	06/10/02 19:42:05	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
19	120	06/10/02 09:30:31	06/10/02 09:31:42	2	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 2.221.5.209.in-addr.arpa. - no progress possible (ntserver.microsoft.ca./No NS address, ns.sprint-canada.net./Lame)
20	120	06/10/02 20:40:39	06/10/02 23:41:30	2	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 11.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
21	120	06/10/02 02:14:43	06/10/02 02:14:43	2	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 12.102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
22	120	06/10/02 00:26:01	06/10/02 22:48:05	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 41.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
23	120	06/10/02 19:30:06	06/10/02 20:31:05	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 40.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
24	120	06/10/02 19:31:36	06/10/02 20:32:36	2	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 128.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
25	120	06/10/02 01:35:30	06/10/02 01:37:16	2	dnsd Info: Failed to handle request from 172.32.10.11 for StartOfAuthority for 102.17.172.in-addr.arpa. - no progress possible (198.41.0.11/No response, 198.32.1.116/No response, 128.9.64.26/No response)
26	120	06/10/02 01:03:41	06/10/02 01:03:41	1	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.10.18.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
27	120	06/10/02 20:42:21	06/10/02 20:42:21	1	dnsd Info: Failed to handle request from 172.32.10.11 for StartOfAuthority for 102.17.172.in-addr.arpa. - failsafe timeout expired (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
28	120	06/10/02 00:32:45	06/10/02 00:32:45	1	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 10.102.17.172.in-addr.arpa. - no progress possible (128.9.64.26/No response, 198.32.1.116/No response)
29	120	06/10/02 01:23:37	06/10/02 01:23:37	1	dnsd Info: Failed to handle request from 192.168.0.156 for DomainName for 113.10.18.172.in-addr.arpa. - no progress possible (198.32.1.116/No response, 128.9.64.26/No response)
30	120	06/10/02 20:42:05	06/10/02 20:42:05	1	dnsd Info: Failed to handle request from 127.0.0.1 for DomainName for 12.102.17.172.in-addr.arpa. - failsafe timeout expired (198.41.0.11/No response, 128.9.64.26/No response, 198.32.1.116/No response)
!!!	There were 33 messages to be reported but the listing is limited to 30.

EAGLELOGD - Back to top

No.	Type	Start	End	Count	Message
1	108	06/10/02 00:00:01	06/10/02 00:00:01	1	starting new log file. UTC offset is -0500, Year is 2002, Raptor Security Gateway is 6.5, OS is "NT 4.0 (Build 1381: Service Pack 5)", Platform is "Intel x86"
2	107	12/25/02 00:00:03	12/25/02 00:00:03	1	closing log file

FTPD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 12:35:58	06/10/02 12:35:58	1	Statistics: duration=nnn id=nnn rid=187ti rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp cldst=161.69.2.7/17291 svsrc=64.39.69.34/pppp dst=161.69.2.7/3376 op=LIST arg=/pub/antivirus/datfiles/4.x result="226 Transfer complete." proto=ftp-data
2	121	06/10/02 12:35:57	06/10/02 12:35:57	1	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp svsrc=64.39.69.34/pppp dstif=Vpn3 dst=161.69.2.7/21 proto=ftp rule=1
3	121	06/10/02 12:35:57	06/10/02 12:35:57	1	Statistics: duration=nnn id=nnn rid=187tf rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp cldst=161.69.2.7/17597 svsrc=64.39.69.34/pppp dst=161.69.2.7/3364 op=LIST arg=/pub/antivirus/datfiles/4.x result="226 Transfer complete." proto=ftp-data
4	121	06/10/02 12:35:57	06/10/02 12:35:57	1	Statistics: duration=nnn id=nnn rid=187tf rcvd=nnn srcif=Vpn4 src=10.42.0.142/pppp cldst=161.69.2.7/15088 svsrc=64.39.69.34/pppp dst=161.69.2.7/3370 op=RETR arg=/pub/antivirus/datfiles/4.x/DELTA.INI result="226 Transfer complete." proto=ftp-data

GWCONTROL - Back to top

No.	Type	Start	End	Count	Message
1	201	06/10/02 00:00:57	06/10/02 23:59:46	196	nbdgram: access denied for 192.168.0.142 to 199.166.214.133 [default rule] [no rules found]
2	201	06/10/02 00:34:33	06/10/02 23:52:46	89	53/udp: access denied for 172.32.10.11 to a.root-servers.net [default rule] [no rules found]
3	201	06/10/02 03:48:12	06/10/02 23:52:46	65	53/udp: access denied for 172.32.10.11 to m.root-servers.net [default rule] [no rules found]
4	201	06/10/02 00:34:39	06/10/02 23:52:47	63	53/udp: access denied for 172.32.10.11 to d.root-servers.net [default rule] [no rules found]
5	201	06/10/02 00:34:36	06/10/02 23:52:47	62	53/udp: access denied for 172.32.10.11 to b.root-servers.net [default rule] [no rules found]
6	201	06/10/02 00:34:36	06/10/02 23:52:47	60	53/udp: access denied for 172.32.10.11 to c.root-servers.net [default rule] [no rules found]
7	201	06/10/02 00:36:17	06/10/02 19:41:21	54	53/udp: access denied for 172.32.10.12 to blackhole.isi.edu [default rule] [no rules found]
8	201	06/10/02 00:34:33	06/10/02 19:39:50	53	53/udp: access denied for 172.32.10.11 to blackhole.isi.edu [default rule] [no rules found]
9	201	06/10/02 01:35:11	06/10/02 22:42:16	49	53/udp: access denied for 172.32.10.11 to 192.203.230.10 [default rule] [no rules found]
10	201	06/10/02 03:48:12	06/10/02 23:53:02	49	53/udp: access denied for 172.32.10.11 to k.root-servers.net [default rule] [no rules found]
11	201	06/10/02 03:48:12	06/10/02 19:52:48	48	53/udp: access denied for 172.32.10.11 to f.root-servers.net [default rule] [no rules found]
12	201	06/10/02 03:48:12	06/10/02 19:52:48	48	53/udp: access denied for 172.32.10.11 to rns.arl.mil [default rule] [no rules found]
13	201	06/10/02 03:48:12	06/10/02 19:52:48	47	53/udp: access denied for 172.32.10.11 to j.root-servers.net [default rule] [no rules found]
14	201	06/10/02 03:48:12	06/10/02 19:52:48	47	53/udp: access denied for 172.32.10.11 to i.root-servers.net [default rule] [no rules found]
15	201	06/10/02 03:48:12	06/10/02 19:52:48	47	53/udp: access denied for 172.32.10.11 to G.ROOT-SERVERS.NET [default rule] [no rules found]
16	201	06/10/02 03:48:12	06/10/02 11:52:10	26	53/udp: access denied for 172.32.10.11 to l.root-servers.net [default rule] [no rules found]
17	201	06/10/02 00:34:39	06/10/02 23:41:31	18	53/udp: access denied for 172.32.10.11 to E.ROOT-SERVERS.NET [default rule] [no rules found]
18	201	06/10/02 04:50:04	06/10/02 20:08:06	2	http: access denied for sntc01hpov.exodus.net to samplefw.ffhexodustor.com [default rule] [no rules found]
19	501	06/10/02 00:10:24	06/10/02 00:10:24	1	access from 209.47.167.99 to 172.17.102.10 [rule id 6]: over 5 tries in 1 hour
20	201	06/10/02 01:45:48	06/10/02 01:45:48	1	http: access denied for 62.254.209.4 to samplefw.ffhexodustor.com [default rule] [no rules found]
21	501	06/10/02 00:10:24	06/10/02 00:10:24	1	access from 209.47.167.99 to 172.17.102.10 [rule id 6]: over 1020 tries in 7 days
22	501	06/10/02 00:10:24	06/10/02 00:10:24	1	access from 209.47.167.99 to 172.17.102.10 [rule id 6]: over 367 tries in 1 day

HTTPD - Back to top

No.	Type	Start	End	Count	Message
1	121	06/10/02 00:00:48	06/10/02 23:56:52	573	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=34.28.65.8/pppp cldst=34.28.69.36/80 svsrc=34.28.65.8/pppp dstif=Vpn6 dst=172.32.10.10/80 op=GET arg=http://172.32.10.10/ result="200 OK" proto=http rule=2
2	310	06/10/02 04:20:24	06/10/02 20:06:04	60	user.producerpartners.com 208.3.107.170: can't verify reverse address
3	310	06/10/02 02:13:58	06/10/02 20:41:05	14	user.producerpartners.com 208.3.107.171: can't verify reverse address
4	121	06/10/02 12:38:52	06/10/02 12:47:01	7	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.206.240.100/pppp cldst=34.28.69.34/443 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/443 proto=http-https state=rsa/rc4_128_md5 rule=11 (Unknown error)
5	121	06/10/02 12:36:57	06/10/02 12:38:56	5	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.206.240.100/pppp cldst=34.28.69.34/443 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/443 proto=http-https state=rsa/rc4_128_md5 rule=11
6	121	06/10/02 09:31:57	06/10/02 09:37:25	4	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=209.5.221.2/pppp cldst=34.28.69.34/443 svsrc=192.168.0.130/pppp dstif=Vpn4 dst=192.168.0.142/443 proto=http-https state=rsa/rc4_128_md5 rule=11
7	121	06/10/02 06:11:37	06/10/02 18:11:34	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=209.205.38.34/pppp cldst=64.39.69.33/80 svsrc=209.205.38.34/pppp dstif=Vpn6 dst=172.32.10.11/80 op=GET arg=http://intrapxy1.altairtech.ca/ffhtoronto/images/logon_top.jpg result="304 Not Modified" proto=http rule=2
8	121	06/10/02 02:14:31	06/10/02 14:14:08	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_top.jpg result="304 Not Modified" proto=http rule=2
9	121	06/10/02 07:44:26	06/10/02 19:45:29	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/transparent.gif result="304 Not Modified" proto=http rule=2
10	121	06/10/02 07:45:05	06/10/02 19:45:08	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/help/portal_help_top.htm result="304 Not Modified" proto=http rule=2
11	121	06/10/02 07:44:45	06/10/02 19:45:23	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/help/menu.htm result="304 Not Modified" proto=http rule=2
12	121	06/10/02 08:05:06	06/10/02 20:06:04	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/corechange.gif result="304 Not Modified" proto=http rule=2
13	121	06/10/02 04:20:24	06/10/02 16:21:26	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/portalfunctions/WebAlign/images/header_priority.gif result="304 Not Modified" proto=http rule=2
14	121	06/10/02 08:05:21	06/10/02 20:06:03	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_left.jpg result="304 Not Modified" proto=http rule=2
15	121	06/10/02 07:45:35	06/10/02 19:45:13	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_mid_right.gif result="304 Not Modified" proto=http rule=2
16	121	06/10/02 04:50:04	06/10/02 20:08:06	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=216.33.139.166/pppp dst=34.28.69.34/80 op=HEAD arg=/ result="403 Forbidden" proto=http (request denied by gwcontrol)
17	121	06/10/02 08:40:13	06/10/02 20:41:10	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_bottom.jpg result="304 Not Modified" proto=http rule=2
18	121	06/10/02 07:45:30	06/10/02 19:44:59	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/controls/windowssso.cab result="304 Not Modified" proto=http rule=2
19	121	06/10/02 07:45:20	06/10/02 19:45:03	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_mid_left.gif result="304 Not Modified" proto=http rule=2
20	121	06/10/02 07:45:15	06/10/02 19:45:03	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/help/user_interface.gif result="304 Not Modified" proto=http rule=2
21	121	06/10/02 08:23:02	06/10/02 20:24:00	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/login.css result="304 Not Modified" proto=http rule=2
22	121	06/10/02 07:46:25	06/10/02 19:45:29	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/window_change_tab.gif result="304 Not Modified" proto=http rule=2
23	121	06/10/02 07:45:50	06/10/02 19:45:13	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/header_logout.gif result="304 Not Modified" proto=http rule=2
24	121	06/10/02 04:20:26	06/10/02 16:21:26	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/default.css result="304 Not Modified" proto=http rule=2
25	121	06/10/02 06:07:22	06/10/02 18:08:25	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/logon_background.gif result="304 Not Modified" proto=http rule=2
26	121	06/10/02 07:46:10	06/10/02 19:45:28	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/header_tab_edge.gif result="304 Not Modified" proto=http rule=2
27	121	06/10/02 07:46:20	06/10/02 19:45:29	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/window_frame_background.gif result="304 Not Modified" proto=http rule=2
28	121	06/10/02 02:14:30	06/10/02 14:14:05	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.171/pppp cldst=216.63.107.150/80 svsrc=208.3.107.171/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/images/mi2g.gif result="304 Not Modified" proto=http rule=2
29	121	06/10/02 07:44:40	06/10/02 19:45:23	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=208.3.107.170/pppp cldst=216.63.107.150/80 svsrc=208.3.107.170/pppp dstif=Vpn6 dst=172.32.10.12/80 op=GET arg=http://intrapxy2.altairtech.ca/ffhtoronto/schemes/default/window_maximize.gif result="304 Not Modified" proto=http rule=2
30	121	06/10/02 06:11:28	06/10/02 18:11:34	2	Statistics: duration=nnn id=nnn sent=nnn rcvd=nnn srcif=Vpn3 src=209.205.38.34/pppp cldst=64.39.69.33/80 svsrc=209.205.38.34/pppp dstif=Vpn6 dst=172.32.10.11/80 op=GET arg=http://intrapxy1.altairtech.ca/ffhtoronto/images/mi2g.gif result="304 Not Modified" proto=http rule=2
!!!	There were 51 messages to be reported but the listing is limited to 30.

KERNEL - Back to top

No.	Type	Start	End	Count	Message
1	301	06/10/02 00:02:01	06/10/02 23:58:11	545	Internal warning: TCP session [state: 3, inactive for nn seconds] between 34.28.65.8/pppp and 34.28.69.36/80 timed out due to inactivity
2	226	06/10/02 00:34:22	06/10/02 13:30:54	12	IP packet dropped (sntc01hpov.exodus.net[216.33.139.166]->mail.altairtech.ca[34.28.69.34]: Protocol=ICMP[Mask request]): Unusual or disallowed ICMP (received on interface 34.28.69.34)
3	301	06/10/02 06:12:41	06/10/02 18:12:41	6	Internal warning: TCP session [state: 3, inactive for nn seconds] between 209.205.38.34/pppp and 64.39.69.33/80 timed out due to inactivity
4	301	06/10/02 00:42:24	06/10/02 17:44:33	5	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.52.49.35/pppp and 34.28.69.34/25 timed out due to inactivity
5	301	06/10/02 09:32:31	06/10/02 09:38:35	4	Internal warning: TCP session [state: 3, inactive for nn seconds] between 209.5.221.2/pppp and 34.28.69.34/443 timed out due to inactivity
6	301	06/10/02 04:51:27	06/10/02 20:08:33	2	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.33.139.166/pppp and 34.28.69.34/80 timed out due to inactivity
7	301	06/10/02 12:37:24	06/10/02 12:42:00	2	Internal warning: TCP session [state: 3, inactive for nn seconds] between 216.206.240.100/pppp and 34.28.69.34/443 timed out due to inactivity
8	301	06/10/02 12:42:33	06/10/02 12:42:33	1	Internal warning: TCP session [state: 3, inactive for nn seconds] between 192.168.0.142/pppp and 192.168.0.130/4528 timed out due to inactivity
9	301	06/10/02 17:18:05	06/10/02 17:18:05	1	Internal warning: TC