IWF was: RE: operational: icmp echo out of control?
Deepak Jain
deepak at ai.net
Tue May 28 20:33:57 UTC 2002
-----Original Message-----
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
Mike Tancsa
Sent: Tuesday, May 28, 2002 3:36 PM
To: Jeff Mcadams
Cc: nanog at merit.edu
Subject: Re: operational: icmp echo out of control?
[deleted]
The access attempt(s) are shown below, including the date and time, port
number, TCP or UDP indicator, and, if known, a service name associated with
the port.
Jeu 09 mai 2002 15:30:22, Port 3, ICMP, Destination Unreachable
Jeu 09 mai 2002 15:30:21, Port 3, ICMP, Destination Unreachable
Jeu 09 mai 2002 15:30:10, Port 3, ICMP, Destination Unreachable
Jeu 09 mai 2002 15:30:09, Port 3, ICMP, Destination Unreachable
----
Speaking of IWFs... my personal pet peeve is when people forward you IDS or
Firewall / some other packet log and neglect to provide a timezone and
confirmation the clock was sync'd to a reliable source lately.
For those of us that have the capability of pouring through a few billion
packets to help identify _real_ issues, every few minutes represents
millions of packets.
Explaining the significance of this goes something like this:
NOC: "When was your clock was synchronized with a network time source?"
IWF: "huh?"
[repeat variations of this for at least 5 minutes]
Deepak Jain
AiNET
More information about the NANOG
mailing list