Gang,
I was looking at my firewall module syslog file, and came across the
following entries (sanitized for your protection):
Jul 31 13:38:47 firewall-hostname unix: FW-1: Warning: modify for a
new entry:
Jul 31 13:38:47 firewall-hostname
Jul 31 13:38:47 firewall-hostname unix: <(hexadecimal IP address)
Jul 31 13:38:47 firewall-hostname unix: ,4ac
Jul 31 13:38:47 firewall-hostname unix: ,(another hexadecimal IP address)
Jul 31 13:38:47 firewall-hostname unix: ,0
Jul 31 13:38:47 firewall-hostname unix: ,11
Jul 31 13:38:47 firewall-hostname unix: ;0
Jul 31 13:38:47 firewall-hostname unix: ,4000
Jul 31 13:38:47 firewall-hostname unix: ,0
Jul 31 13:38:47 firewall-hostname unix: > <0 : =0 22>
There are numerous instances of this, with different hex IP addresses
and what appear to be hex port numbers (the two- and three-digit
entries). Has anyone else seen this, and what does it mean? I'm
running CP 2000 on Solaris 7.
Thanks,
Dan
Daniel R. (Dan) Dunn, EE, CISSP, CCSA/CCSE
Firewall Administrator
Office of the Under Secretary of Defense - Acquisition, Technology &
Logistics (OUSD(AT&L))
Principal Information Assurance Engineer, AT&T Government Solutions
p:, ext 500
f:
The opinions expressed by the author are entirely his own, and do not
reflect those of AT&T Government Solutions or its subsidiaries, nor do
they reflect policy, opinion, or endorsement by the US Department of
Defense or any of its agencies.