Table of Contents
Advertisement
Security
Security Log
Security Log Settings
Field
Accepted Events
Accepted Incoming
Connections
Accepted Outgoing
Connections
Blocked Events
Blocked Connection Attempts
Winnuke
Defragmentation Error
Blocked Fragments
Syn Flood
Echo Cargen
Multicast/Broadcast
Spoofed Connection
Packet Illegal Options
UDP Flood
ICMP Replay
ICMP Redirect
ICMP Multicast
ICMP Flood
Other Events
Remote Administration
Attempts
Connection States
Log Buffer
Prevent Log Overrun
4-36
Definition
Sessions originated from the Internet that have been allowed by
the firewall.
Sessions originated from the network that have been allowed by
the firewall.
Sessions that have been blocked by the firewall.
Detection of the Winnuke DOS attack.
Detection of fragmented packets that cannot be properly
reassembled.
Detection of fragmented packets when Block IP Fragments is
enabled.
Detection of the Syn Flood DOS attack.
Detection of the Echo or Chargen DOS attacks.
Detection of the multicast or broadcast packets arriving at the
WAN interface.
Detection of IP address spoofing attacks.
Detection of IP packets with disallowed IP options: lsrr, ssrr, rr,
timestamp, or error options.
Detection of a UDP Flood attack.
Detection of an ICMP Replay DOS attack.
Detection of improper ICMP redirect messages from the WAN.
Detection of multicast ICMP packets, such as a ping to a subnet
broadcast address.
Detection of an ICMP flood DOS attack.
Management sessions established to the Adit.
Session connection state detail.
Stop logging firewall detail when the log is full. This prevents
loosing early log entries, but will drop the later log entries.
Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI
Advertisement
Table of Contents
