Chapter 18 Logs

Table 81 Attack Logs (continued)

LOG MESSAGE

DESCRIPTION

teardrop UDP

The firewall detected an UDP teardrop attack.

teardrop ICMP (type:%d,

The firewall detected an ICMP teardrop attack. For type and code

code:%d)

details, see Table 85 on page 184.

illegal command TCP

The firewall detected a TCP illegal command attack.

NetBIOS TCP

The firewall detected a TCP NetBIOS attack.

ip spoofing - no routing

The firewall classified a packet with no source routing entry as an

entry [TCP UDP IGMP

IP spoofing attack.

ESP GRE OSPF]

 

ip spoofing - no routing

The firewall classified an ICMP packet with no source routing

entry ICMP (type:%d,

entry as an IP spoofing attack.

code:%d)

 

vulnerability ICMP

The firewall detected an ICMP vulnerability attack. For type and

(type:%d, code:%d)

code details, see Table 85 on page 184.

traceroute ICMP (type:%d,

The firewall detected an ICMP traceroute attack. For type and

code:%d)

code details, see Table 85 on page 184.

Table 82 PKI Logs

LOG MESSAGE

DESCRIPTION

Enrollment successful

The SCEP online certificate enrollment was successful. The

 

Destination field records the certification authority server IP address

 

and port.

 

 

Enrollment failed

The SCEP online certificate enrollment failed. The Destination field

 

records the certification authority server’s IP address and port.

Failed to resolve

The SCEP online certificate enrollment failed because the certification

<SCEP CA server url>

authority server’s address cannot be resolved.

Enrollment successful

The CMP online certificate enrollment was successful. The Destination

 

field records the certification authority server’s IP address and port.

Enrollment failed

The CMP online certificate enrollment failed. The Destination field

 

records the certification authority server’s IP address and port.

Failed to resolve <CMP

The CMP online certificate enrollment failed because the certification

CA server url>

authority server’s IP address cannot be resolved.

Rcvd ca cert: <subject

The router received a certification authority certificate, with subject

name>

name as recorded, from the LDAP server whose IP address and port

 

are recorded in the Source field.

Rcvd user cert:

The router received a user certificate, with subject name as recorded,

<subject name>

from the LDAP server whose IP address and port are recorded in the

 

Source field.

Rcvd CRL <size>:

The router received a CRL (Certificate Revocation List), with size and

<issuer name>

issuer name as recorded, from the LDAP server whose IP address and

 

port are recorded in the Source field.

Rcvd ARL <size>:

The router received an ARL (Authority Revocation List), with size and

<issuer name>

issuer name as recorded, from the LDAP server whose address and

 

port are recorded in the Source field.

182

 

ZyXEL NBG-334SH User’s Guide