This is why I have a love/hate relationship with TCP/IP security: from the logs we've determined that either ET is trying to hack somebody's network or the Firewall is talking to itself. And, my hypothesis was that it's a bunch of spoofed packets. . .I guess that's too bland to consider. It would be nice if we could ask the router where the packets actually came from rather than depending on Cisco's cryptic Pix log message. :-) Frank Solomon University of Kentucky http://www.franksolomon.net > -----Original Message----- > From: Tom Perrine [mailto:tepat_private] > Sent: Thursday, May 09, 2002 5:39 PM > To: loganalysisat_private > Subject: [logs] protocol 105 > > > A CAIDA protocol wizard found this: > > http://lists.insecure.org/firewall-wizards/2001/Jun/0022.html > > > --tep > > --------------------------------------------------------------------- > To unsubscribe, e-mail: loganalysis-unsubscribeat_private > For additional commands, e-mail: loganalysis-helpat_private --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri May 10 2002 - 08:03:40 PDT