Chapter 18 Logs
Table 81 Attack Logs (continued)
LOG MESSAGE | DESCRIPTION |
teardrop UDP | The firewall detected an UDP teardrop attack. |
teardrop ICMP (type:%d, | The firewall detected an ICMP teardrop attack. For type and code |
code:%d) | details, see Table 85 on page 184. |
illegal command TCP | The firewall detected a TCP illegal command attack. |
NetBIOS TCP | The firewall detected a TCP NetBIOS attack. |
ip spoofing - no routing | The firewall classified a packet with no source routing entry as an |
entry [TCP UDP IGMP | IP spoofing attack. |
ESP GRE OSPF] |
|
ip spoofing - no routing | The firewall classified an ICMP packet with no source routing |
entry ICMP (type:%d, | entry as an IP spoofing attack. |
code:%d) |
|
vulnerability ICMP | The firewall detected an ICMP vulnerability attack. For type and |
(type:%d, code:%d) | code details, see Table 85 on page 184. |
traceroute ICMP (type:%d, | The firewall detected an ICMP traceroute attack. For type and |
code:%d) | code details, see Table 85 on page 184. |
Table 82 PKI Logs
LOG MESSAGE | DESCRIPTION |
Enrollment successful | The SCEP online certificate enrollment was successful. The |
| Destination field records the certification authority server IP address |
| and port. |
|
|
Enrollment failed | The SCEP online certificate enrollment failed. The Destination field |
| records the certification authority server’s IP address and port. |
Failed to resolve | The SCEP online certificate enrollment failed because the certification |
<SCEP CA server url> | authority server’s address cannot be resolved. |
Enrollment successful | The CMP online certificate enrollment was successful. The Destination |
| field records the certification authority server’s IP address and port. |
Enrollment failed | The CMP online certificate enrollment failed. The Destination field |
| records the certification authority server’s IP address and port. |
Failed to resolve <CMP | The CMP online certificate enrollment failed because the certification |
CA server url> | authority server’s IP address cannot be resolved. |
Rcvd ca cert: <subject | The router received a certification authority certificate, with subject |
name> | name as recorded, from the LDAP server whose IP address and port |
| are recorded in the Source field. |
Rcvd user cert: | The router received a user certificate, with subject name as recorded, |
<subject name> | from the LDAP server whose IP address and port are recorded in the |
| Source field. |
Rcvd CRL <size>: | The router received a CRL (Certificate Revocation List), with size and |
<issuer name> | issuer name as recorded, from the LDAP server whose IP address and |
| port are recorded in the Source field. |
Rcvd ARL <size>: | The router received an ARL (Authority Revocation List), with size and |
<issuer name> | issuer name as recorded, from the LDAP server whose address and |
| port are recorded in the Source field. |
182 |
| |
ZyXEL |
| |
|
|
|