Dear Firewall-1 gurus.
There is some strange thing in my Firewall-1 log file
and I would appreciate if someone can give me some
hints/docs/URL indicating what it is and how to fix
it.
Interface Origin Type Action Service Source
Destination Prot Rule Sport
Qfe1 x.x.x.x Log Drop ftp 192.168.100.1 y.y.y.1 TCP 27
TCP
-
-
-
Qfe1 x.x.x.x Log Drop ftp 192.168.100.1 y.y.y.254 TCP
27 TCP
So the source is from INTERNET and they tried to scan
my whole class C address using the Internal IP address
(192.168.100.0)
So my questions are:
(1) What options do I have to stop them?
(2) Any ways to find out where do they come from?
(3) Any program/method how to simulate / test to see
how they do it?
Many thanks.
Trung Nguyen
Email: [EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Thousands of Stores. Millions of Products. All in one Place.
http://shopping.yahoo.com/
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
