
Chapter 22 Logs
• DIRECT — the WWW server access method (WinRoute always uses DIRECT access)
• 206.168.0.9 — IP address of the WWW server
22.11 Security Log
A log for security-related messages. Records of the following types may appear in the log:
1. Anti-spoofing log records
Messages about packets that were captured by the Anti-spoofing module (packets with
invalid source IP address — see section 17.2 for details)
Example
[17/Jul/2008 11:46:38] Anti-Spoofing:
Packet from LAN, proto:TCP, len:48,
ip/port:61.173.81.166:1864 -> 195.39.55.10:445,
flags: SYN, seq:3819654104 ack:0, win:16384, tcplen:0
• packet from — packet direction (either from, i.e. sent via the interface, or to, i.e.
received via the interface)
• LAN — interface name (see chapter 5 for details)
• proto: — transport protocol (TCP, UDP, etc.)
• len: — packet size in bytes (including the headers)
• ip/port: — source IP address, source port, destination IP address and destination port
• flags: — TCP flags
• seq: — sequence number of the packet (TCP only)
• ack: — acknowledgement sequence number (TCP only)
• win: — size of the receive window in bytes (it is used for data flow control — TCP
only)
• tcplen: — TCP payload size (i.e. size of the data part of the packet) in bytes (TCP
only)
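The field layout above is regular enough to parse for triage. The following Python parser is an added example, not taken from the manual or from WinRoute itself; it turns Anti-Spoofing records into dictionaries and counts hits per interface and destination port. The pattern is derived from the single example record shown above; the layout of non-TCP records (TCP-only fields simply absent) and every sample record after the first are assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Layout taken from the manual's example record. Treating the TCP-only
# fields as absent for other protocols is an assumption.
RECORD = re.compile(
    r"\[(?P<ts>\d{2}/[A-Za-z]{3}/\d{4} \d{2}:\d{2}:\d{2})\] Anti-Spoofing: "
    r"Packet (?P<direction>from|to) (?P<iface>[^,]+), "
    r"proto:(?P<proto>\w+), len:(?P<len>\d+), "
    r"ip/port:(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)"
    r"(?:, flags: ?(?P<flags>[A-Z ]+?), seq:(?P<seq>\d+) ack:(?P<ack>\d+), "
    r"win:(?P<win>\d+), tcplen:(?P<tcplen>\d+))?"
)
INT_FIELDS = ("len", "sport", "dport", "seq", "ack", "win", "tcplen")

def parse_log(text):
    """Return one dict per Anti-Spoofing record; other log lines are skipped."""
    flat = " ".join(text.split())  # records may be wrapped across lines
    records = []
    for m in RECORD.finditer(flat):
        rec = m.groupdict()
        rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y %H:%M:%S")
        for key in INT_FIELDS:
            if rec[key] is not None:
                rec[key] = int(rec[key])
        rec["flags"] = rec["flags"].split() if rec["flags"] else []
        records.append(rec)
    return records

def top_targets(records):
    """Count records per (interface, destination port), most frequent first."""
    return Counter((r["iface"], r["dport"]) for r in records).most_common()

# First record is the manual's example; the others are constructed samples.
SAMPLE = """\
[17/Jul/2008 11:46:38] Anti-Spoofing:
Packet from LAN, proto:TCP, len:48,
ip/port:61.173.81.166:1864 -> 195.39.55.10:445,
flags: SYN, seq:3819654104 ack:0, win:16384, tcplen:0
[17/Jul/2008 11:46:41] Anti-Spoofing: Packet from LAN, proto:TCP, len:48, ip/port:192.0.2.77:1870 -> 195.39.55.10:445, flags: SYN, seq:100 ack:0, win:16384, tcplen:0
[17/Jul/2008 11:47:02] Anti-Spoofing: Packet from LAN, proto:UDP, len:78, ip/port:198.51.100.5:137 -> 195.39.55.10:137
[17/Jul/2008 11:47:05] some other security log message
"""

if __name__ == "__main__":
    for rec in parse_log(SAMPLE):
        print(rec["ts"], rec["iface"], rec["src"], "->", rec["dst"], rec["dport"], rec["flags"])
    print(top_targets(parse_log(SAMPLE)))
```

A cluster of records with the same interface and destination port usually points to one misaddressed or misconfigured host on that segment rather than many independent senders.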
2. FTP protocol parser log records