Chapter 26 Logs
Table 148 Attack Logs (continued)
LOG MESSAGE | DESCRIPTION |
ip spoofing - WAN [ TCP | The firewall detected an IP spoofing attack on the WAN port. |
UDP IGMP ESP GRE |
|
OSPF ] |
|
ip spoofing - WAN ICMP | The firewall detected an ICMP IP spoofing attack on the WAN |
(type:%d, code:%d) | port. |
icmp echo : ICMP | The firewall detected an ICMP echo attack. |
(type:%d, code:%d) |
|
syn flood TCP | The firewall detected a TCP syn flood attack. |
ports scan TCP | The firewall detected a TCP port scan attack. |
teardrop TCP | The firewall detected a TCP teardrop attack. |
teardrop UDP | The firewall detected an UDP teardrop attack. |
teardrop ICMP (type:%d, | The firewall detected an ICMP teardrop attack. |
code:%d) |
|
illegal command TCP | The firewall detected a TCP illegal command attack. |
NetBIOS TCP | The firewall detected a TCP NetBIOS attack. |
ip spoofing - no routing | The firewall classified a packet with no source routing entry as an |
entry [ TCP UDP IGMP | IP spoofing attack. |
ESP GRE OSPF ] |
|
ip spoofing - no routing | The firewall classified an ICMP packet with no source routing |
entry ICMP (type:%d, | entry as an IP spoofing attack. |
code:%d) |
|
vulnerability ICMP | The firewall detected an ICMP vulnerability attack. |
(type:%d, code:%d) |
|
traceroute ICMP (type:%d, | The firewall detected an ICMP traceroute attack. |
code:%d) |
|
Table 149 802.1X Logs
LOG MESSAGE | DESCRIPTION |
Local User Database accepts | A user was authenticated by the local user database. |
user. |
|
Local User Database reports user | A user was not authenticated by the local user database |
credential error. | because of an incorrect user password. |
Local User Database does not | A user was not authenticated by the local user database |
find user`s credential. | because the user is not listed in the local user database. |
RADIUS accepts user. | A user was authenticated by the RADIUS Server. |
RADIUS rejects user. Pls check | A user was not authenticated by the RADIUS Server. |
RADIUS Server. | Please check the RADIUS Server. |
Local User Database does not | The local user database only supports the |
support authentication method. | method. A user tried to use another authentication |
| method and was not authenticated. |
User logout because of session | The router logged out a user whose session expired. |
timeout expired. |
|
User logout because of user | The router logged out a user who ended the session. |
deassociation. |
|
340 |
| |
| ||
|
|
|