beautypg.com

Table 89 attack logs table 90 ipsec logs – ZyXEL Communications P-660H-Tx v2 User Manual

Page 218

background image

Chapter 19 Logs

P-660H-Tx v2 User’s Guide

218

Table 89 Attack Logs

LOG MESSAGE

DESCRIPTION

attack [TCP | UDP | IGMP
| ESP | GRE | OSPF]

The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF attack.

attack ICMP (type:%d,
code:%d)

The firewall detected an ICMP attack. For type and code details,

see

Table 95 on page 224

.

land [TCP | UDP | IGMP |
ESP | GRE | OSPF]

The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF land

attack.

land ICMP (type:%d,
code:%d)

The firewall detected an ICMP land attack. For type and code

details, see

Table 95 on page 224

.

ip spoofing - WAN [TCP |
UDP | IGMP | ESP | GRE |
OSPF]

The firewall detected an IP spoofing attack on the WAN port.

ip spoofing - WAN ICMP
(type:%d, code:%d)

The firewall detected an ICMP IP spoofing attack on the WAN

port. For type and code details, see

Table 95 on page 224

.

icmp echo: ICMP (type:%d,
code:%d)

The firewall detected an ICMP echo attack. For type and code

details, see

Table 95 on page 224

.

syn flood TCP

The firewall detected a TCP syn flood attack.

ports scan TCP

The firewall detected a TCP port scan attack.

teardrop TCP

The firewall detected a TCP teardrop attack.

teardrop UDP

The firewall detected an UDP teardrop attack.

teardrop ICMP (type:%d,
code:%d)

The firewall detected an ICMP teardrop attack. For type and code

details, see

Table 95 on page 224

.

illegal command TCP

The firewall detected a TCP illegal command attack.

NetBIOS TCP

The firewall detected a TCP NetBIOS attack.

ip spoofing - no routing
entry [TCP | UDP | IGMP |
ESP | GRE | OSPF]

The firewall classified a packet with no source routing entry as an

IP spoofing attack.

ip spoofing - no routing
entry ICMP (type:%d,
code:%d)

The firewall classified an ICMP packet with no source routing

entry as an IP spoofing attack.

vulnerability ICMP
(type:%d, code:%d)

The firewall detected an ICMP vulnerability attack. For type and

code details, see

Table 95 on page 224

.

traceroute ICMP (type:%d,
code:%d)

The firewall detected an ICMP traceroute attack. For type and

code details, see

Table 95 on page 224

.

Table 90 IPSec Logs

LOG MESSAGE

DESCRIPTION

Discard REPLAY packet

The router received and discarded a packet with an incorrect

sequence number.

Inbound packet
authentication failed

The router received a packet that has been altered. A third party

may have altered or tampered with the packet.

Receive IPSec packet,
but no corresponding
tunnel exists

The router dropped an inbound packet for which SPI could not find a

corresponding phase 2 SA.

See also other documents in the category ZyXEL Communications Computer Accessories: