RE: [fw-wiz] Problems logging deny's on Cisco Routers?

From: Manson, Jim (MANSO001_at_dcri.duke.edu)
Date: 04/26/04

  • Next message: Justin C. Laporte: "RE: [fw-wiz] Using RDP Port 3389"
    To: 'Luca Berra' <bluca@comedia.it>, firewall-wizards@honor.icsalabs.com
    Date: Mon, 26 Apr 2004 09:21:02 -0400
    
    

    You're right. Sorry. I split all of mine into the following for logging
    purposes:

    deny tcp any any range 0 65535 log
    deny udp any any range 0 65535 log

    Jim

    -----Original Message-----
    From: Luca Berra [mailto:bluca@comedia.it]
    Sent: Friday, April 23, 2004 5:05 PM
    To: firewall-wizards@honor.icsalabs.com
    Subject: Re: [fw-wiz] Problems logging deny's on Cisco Routers?

    On Thu, Apr 22, 2004 at 04:21:00PM -0400, Manson, Jim wrote:
    >Scott,
    >
    >I know this is a late post, and you may have resolved this already, but try
    >adding a port range:
    >
    >deny ip any any range 0 65535 log

    ip protocol does not have notion of ports.

    L.

    -- 
    Luca Berra -- bluca@comedia.it
            Communication Media & Services S.r.l.
     /"\
     \ /     ASCII RIBBON CAMPAIGN
      X        AGAINST HTML MAIL
     / \
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Justin C. Laporte: "RE: [fw-wiz] Using RDP Port 3389"

    Relevant Pages

    • Re: Attempted Logon Events on Win2k Servers
      ... make sure you have your firewall logs and send ... > access-list 101 deny tcp any any eq 137 ... > access-list 101 deny udp any any eq netbios-ns ... > access-list 101 deny udp any any eq netbios-dgm ...
      (microsoft.public.win2000.security)
    • Attempted Logon Events on Win2k Servers
      ... The logon to account: root ... I have a very small network, so I know for a fact that there is no ... access-list 101 deny tcp any any eq 137 ... access-list 101 deny udp any any eq netbios-dgm ...
      (comp.os.ms-windows.nt.admin.security)
    • Attempted Logon Events on Win2k Servers
      ... The logon to account: root ... I have a very small network, so I know for a fact that there is no ... access-list 101 deny tcp any any eq 137 ... access-list 101 deny udp any any eq netbios-dgm ...
      (microsoft.public.win2000.security)
    • Re: Office V.x serial numbers - moving, changing, reading
      ... is there any way to somehow read from an installed copy of Office which ... sudo ipfw add 02222 deny udp from any to any ... sudo ipfw add 02222 deny tcp from any to any ...
      (microsoft.public.mac.office)
    • Re: IOS exploit: please disclose vehicle, not mechanism
      ... >means that DNS requests get blocked, ... >workaround available. ... access-list 101 deny udp any any eq domain ... access-list 101 deny tcp any any eq domain ...
      (comp.security.firewalls)