FWLOGSUM REPORT

F W L O G S U M R E P O R T

Colour Index

Standard Entries

Highlighted Entries

Alert Entries

Encrypted/Decrypted Entries

FW1 Host Source Address Destination Address Service Count Rule

FWFOOMAIN01 fwmain01.foo.com(http) dhcp-100-101-167-223.dhcp.foo.com tcp(1167) 8 4

FWFOOMAIN01 webfoogen1.foo.com(telnet) zeus.lab.foo.com tcp(1573) 33 4

FWFOOMAIN01 webfoogen1.foo.com(telnet) devel.lab.foo.com tcp(35338) 9 4

FWFOOMAIN01 webfoogen1.foo.com(telnet) devel.lab.foo.com tcp(38530) 41 4

FWFOOMAIN01 webfoogen1.foo.com(telnet) devel.lab.foo.com tcp(38567) 42 4

FWFOOMAIN01 gwt.lab.foo.com(22619) corelinkmain01.foo.com tcp(45) 1 3

FWFOOMAIN01 webfoogen1.foo.com(telnet) devel.lab.foo.com tcp(54924) 7 4

FWFOOMAIN01 dhcp-100-101-167-223.dhcp.foo.com(1234) fwmain01.foo.com tcp(FW1_mgmt) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11081) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11066) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 fwrtrmain01.foo.com(11046) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11061) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11060) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11050) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11075) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11053) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11051) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11082) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11049) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11000) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11044) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11073) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11055) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11045) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11065) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11041) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11079) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11047) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11059) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11048) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11056) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11064) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 fwrtrmain01.foo.com(11047) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11052) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11084) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11078) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11062) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11068) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11074) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11063) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11054) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 fwrtrmain01.foo.com(11000) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11067) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 fwrtrmain01.foo.com(11048) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11077) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11083) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11072) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11057) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11001) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11069) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11043) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 fwrtrmain01.foo.com(11050) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11070) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11042) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11046) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11058) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 fwrtrmain01.foo.com(11049) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11071) apollo.foo.com tcp(TACACSplus) 1 4

FWFOOMAIN01 webfoogen1.foo.com(1023) apollo.foo.com tcp(login) 1 4

FWFOOMAIN01 devel.lab.foo.com(1019) webfoogen1.foo.com tcp(login) 1 4

FWFOOMAIN01 devel.lab.foo.com(1021) webfoogen1.foo.com tcp(login) 1 4

FWFOOMAIN01 192.1.28.252(1023) webfoogen1.foo.com tcp(login) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(3167) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1325) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1316) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1322) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(3194) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1297) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1272) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1919) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1300) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(3178) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(3170) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1279) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(1916) webwebmain01.foo.com tcp(nbsession) 1 4

FWFOOGW02 gwt.lab.foo.com(1023) fwfoomain01.foo.com tcp(shell) 1 3

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(990) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5300) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(917) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(910) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(939) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5212) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5303) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5209) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(937) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5298) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5305) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5306) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(971) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(997) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5206) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5301) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5207) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5297) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5302) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5304) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5205) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(908) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(921) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(951) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5208) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5308) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(954) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5307) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(5299) webwebmain01.foo.com tcp(sunrpc) 1 4

FWFOOMAIN01 dhcp-100-101-162-201.dhcp.foo.com(962) webwebmain01.foo.com tcp(sunrpc) 1 4

INTERNETGW test.lab.foo.com(6863) fwfoomain01-2 tcp(tcpmux) 1 3

INTERNETGW test.lab.foo.com(6862) fwfoomain01.foo.com tcp(tcpmux) 1 3

FWFOOMAIN01 corelinkmain01.foo.com(64514) rtnw.foo.com tcp(telnet) 1 4

FWFOOGW02 dhcp-100-101-167-233.dhcp.foo.com.au(1586) fwfoomain01.foo.com.au tcp(telnet) 1 3

FWFOOMAIN01 webfoogen1.foo.com(32819) apollo.foo.com tcp(telnet) 1 4

FWFOOMAIN01 fwrtrmain01.foo.com(63490) rtnw.foo.com tcp(telnet) 1 4

FWFOOMAIN01 gwt.lab.foo.com(22620) fwfoomain01.foo.com tcp(telnet) 1 3

FWFOOGW02 dhcp-100-101-167-233.dhcp.foo.com(1487) fwfoomain01.foo.com tcp(telnet) 1 3

FWFOOMAIN01 gwt.lab.foo.com(22620) fwfoomain01.foo.com tcp(telnet) 1 3

FWFOOMAIN01 dhcp-100-101-167-233.dhcp.foo.com(1588) fwfoomain01.foo.com tcp(telnet) 1 3

FWFOOMAIN01 fwrtrmain01.foo.com(12803) 192.1.1.13 tcp(telnet) 1 4

FWFOOMAIN01 corelinkmain01.foo.com(11266) 192.1.1.13 tcp(telnet) 1 4

FWFOOMAIN01 fwmain01.foo.com(1031) rtnw.foo.com tcp(telnet) 1 4

FWFOOMAIN01 gwt.lab.foo.com(22659) fwfoomain01.foo.com tcp(telnet) 2 3

FWFOOMAIN01 gwt.lab.foo.com(22657) fwfoomain01.foo.com tcp(telnet) 1 3

FWFOOMAIN01 dhcp-100-101-167-233.dhcp.foo.com(177) fwmain01.foo.com udp(177) 2 4

FWFOOMAIN01 gwt.lab.foo.com(65446) fwfoomain01.foo.com udp(33441) 1 3

FWFOOMAIN01 gwt.lab.foo.com(65446) fwfoomain01.foo.com udp(33442) 1 3

FWFOOMAIN01 gwt.lab.foo.com(65446) fwfoomain01.foo.com udp(33443) 1 3

FWFOOMAIN01 dhcp-100-101-167-233.dhcp.foo.com(nbname) fwfoomain01-2 udp(nbname) 1 4

INTERNETGW mlink.foo.co.uk(ntp-udp) ns4.foo.com udp(ntp-udp) 1 3

FWFOOMAIN01 mlink.foo.co.uk(ntp-udp) ns4.foo.com udp(ntp-udp) 2 3

FWFOOMAIN01 fwrtrmain01.foo.com(ntp-udp) ns4.foo.net udp(ntp-udp) 1 3

FWFOOMAIN01 fwrtrmain01.foo.com(ntp-udp) ns4.foo.com udp(ntp-udp) 5 3

FWFOOMAIN01 mlink.foo.co.uk(ntp-udp) ns4.foo.com udp(ntp-udp) 4 3

FWFOOMAIN01 mlink.foo.co.uk(ntp-udp) ns4.foo.net udp(ntp-udp) 2 3

FWFOOGW02 fwrtrmain01.foo.com(ntp-udp) ns4.foo.com udp(ntp-udp) 2 3

FWFOOMAIN01 fwrtrmain01.foo.com(ntp-udp) ns4.foo.com udp(ntp-udp) 15 4

FWFOOGW02 mlink.foo.co.uk(ntp-udp) ns4.foo.com udp(ntp-udp) 2 3

FWFOOMAIN01 fwrtrmain01.foo.com(ntp-udp) ns4.foo.com udp(ntp-udp) 3 3

Summary Information

Firewall Server: Top 10 of 3
FWhost	Count	Of Total	%
FWFOOMAIN01	289	96.66%
FWFOOGW02	7	2.34%
INTERNETGW	3	1.00%

Users/Source Addresses: Top 10 of 13
Source	Count	Of Total	%
webfoogen1.foo.com	134	44.82%
corelinkmain01.foo.com	46	15.38%
dhcp-100-101-162-201.dhcp.foo.com	43	14.38%
fwrtrmain01.foo.com	34	11.37%
mlink.foo.co.uk	11	3.68%
gwt.lab.foo.com	10	3.34%
fwmain01.foo.com	9	3.01%
dhcp-100-101-167-233.dhcp.foo.com	5	1.67%
devel.lab.foo.com	2	0.67%
test.lab.foo.com	2	0.67%

Users/Destination Addresses: Top 10 of 15
Destination	Count	Of Total	%
devel.lab.foo.com	99	33.11%
apollo.foo.com	52	17.39%
webwebmain01.foo.com	43	14.38%
ns4.foo.com	34	11.37%
zeus.lab.foo.com	33	11.04%
fwfoomain01.foo.com	12	4.01%
dhcp-100-101-167-223.dhcp.foo.com	8	2.68%
rtnw.foo.com	3	1.00%
fwmain01.foo.com	3	1.00%
ns4.foo.net	3	1.00%

Service Usage: Top 10 of 21
Service	Count	Of Total	%
tcp(TACACSplus)	50	16.72%
tcp(38567)	42	14.05%
tcp(38530)	41	13.71%
udp(ntp-udp)	37	12.37%
tcp(1573)	33	11.04%
tcp(sunrpc)	30	10.03%
tcp(telnet)	14	4.68%
tcp(nbsession)	13	4.35%
tcp(35338)	9	3.01%
tcp(1167)	8	2.68%

Rule Usage: Top 10 of 2
Rule	Count	Of Total	%
Rule 4	262	87.63%
Rule 3	37	12.37%

Network Interface Usage: Top 10 of 6
Networks	Count	Of Total	%
FWFOOMAIN01 hme1 (inbound)	229	76.59%
FWFOOMAIN01 hme0 (inbound)	60	20.07%
FWFOOGW02 hme1 (inbound)	4	1.34%
FWFOOGW02 hme0 (inbound)	3	1.00%
Internet Gateway (inbound)	2	0.67%
Web Services Network (inbound)	1	0.33%

Alert Types: Top 10 of 2
AlertType	Count	Of Total	%
log	1	0.33%
mail	1	0.33%

Source Domains: Top 10 of 4
SrcDomain	Count	Of Total	%
US Commercial	286	95.65%
United Kingdom	11	3.68%
Australia	1	0.33%
Unresolved	1	0.33%

Destination Domains: Top 10 of 5
DestDomain	Count	Of Total	%
US Commercial	291	97.32%
Network	3	1.00%
Unknown	2	0.67%
Unresolved	2	0.67%
Australia	1	0.33%

Daily Usage
Daily	Count	Of Total	%
17Nov2001	52	17.39%
18Nov2001	11	3.68%
19Nov2001	13	4.35%
20Nov2001	34	11.37%
21Nov2001	36	12.04%
22Nov2001	61	20.40%
23Nov2001	64	21.40%
25Nov2001	10	3.34%
26Nov2001	18	6.02%

24 Hour Period
Time	Count	Of Total	%
0:00-1:00	11	3.68%
1:00-2:00	3	1.00%
2:00-3:00	11	3.68%
3:00-4:00	3	1.00%
4:00-5:00	11	3.68%
5:00-6:00	3	1.00%
6:00-7:00	11	3.68%
7:00-8:00	3	1.00%
8:00-9:00	18	6.02%
9:00-10:00	8	2.68%
10:00-11:00	16	5.35%
11:00-12:00	38	12.71%
12:00-13:00	6	2.01%
13:00-14:00	20	6.69%
14:00-15:00	58	19.40%
16:00-17:00	11	3.68%
17:00-18:00	1	0.33%
18:00-19:00	11	3.68%
19:00-20:00	28	9.36%
20:00-21:00	11	3.68%
21:00-22:00	3	1.00%
22:00-23:00	11	3.68%
23:00-24:00	3	1.00%

Excluded Services

Service	Count	Of Entries	%
smtp	25	7.72%

Top of Report

fwlogsum Version: 5.0.3
Generated: Mon Jul 9 16:25:35 2007

Total entries processed	18995
Entries matched on	299
Inbound traffic	18952
Outbound traffic	8
Control Messages	35
Entries Ignored	25
Alert Entries	2
Attack Types	0
Unique Attack URLs	0
Encrypted/Decrypted Entries	4
Unknown Entries	0

FW1 Host	Source Address	Destination Address	Service	Count	Rule
FWFOOMAIN01	fwmain01.foo.com(http)	dhcp-100-101-167-223.dhcp.foo.com	tcp(1167)	8	4
FWFOOMAIN01	webfoogen1.foo.com(telnet)	zeus.lab.foo.com	tcp(1573)	33	4
FWFOOMAIN01	webfoogen1.foo.com(telnet)	devel.lab.foo.com	tcp(35338)	9	4
FWFOOMAIN01	webfoogen1.foo.com(telnet)	devel.lab.foo.com	tcp(38530)	41	4
FWFOOMAIN01	webfoogen1.foo.com(telnet)	devel.lab.foo.com	tcp(38567)	42	4
FWFOOMAIN01	gwt.lab.foo.com(22619)	corelinkmain01.foo.com	tcp(45)	1	3
FWFOOMAIN01	webfoogen1.foo.com(telnet)	devel.lab.foo.com	tcp(54924)	7	4
FWFOOMAIN01	dhcp-100-101-167-223.dhcp.foo.com(1234)	fwmain01.foo.com	tcp(FW1_mgmt)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11081)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11066)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	fwrtrmain01.foo.com(11046)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11061)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11060)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11050)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11075)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11053)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11051)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11082)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11049)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11000)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11044)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11073)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11055)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11045)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11065)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11041)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11079)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11047)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11059)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11048)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11056)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11064)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	fwrtrmain01.foo.com(11047)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11052)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11084)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11078)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11062)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11068)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11074)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11063)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11054)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	fwrtrmain01.foo.com(11000)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11067)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	fwrtrmain01.foo.com(11048)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11077)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11083)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11072)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11057)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11001)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11069)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11043)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	fwrtrmain01.foo.com(11050)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11070)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11042)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11046)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11058)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	fwrtrmain01.foo.com(11049)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11071)	apollo.foo.com	tcp(TACACSplus)	1	4
FWFOOMAIN01	webfoogen1.foo.com(1023)	apollo.foo.com	tcp(login)	1	4
FWFOOMAIN01	devel.lab.foo.com(1019)	webfoogen1.foo.com	tcp(login)	1	4
FWFOOMAIN01	devel.lab.foo.com(1021)	webfoogen1.foo.com	tcp(login)	1	4
FWFOOMAIN01	192.1.28.252(1023)	webfoogen1.foo.com	tcp(login)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(3167)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1325)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1316)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1322)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(3194)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1297)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1272)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1919)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1300)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(3178)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(3170)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1279)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(1916)	webwebmain01.foo.com	tcp(nbsession)	1	4
FWFOOGW02	gwt.lab.foo.com(1023)	fwfoomain01.foo.com	tcp(shell)	1	3
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(990)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5300)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(917)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(910)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(939)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5212)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5303)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5209)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(937)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5298)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5305)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5306)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(971)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(997)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5206)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5301)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5207)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5297)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5302)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5304)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5205)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(908)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(921)	webwebmain01.foo.com	tcp(sunrpc)	1	4


FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(951)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5208)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5308)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(954)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5307)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(5299)	webwebmain01.foo.com	tcp(sunrpc)	1	4
FWFOOMAIN01	dhcp-100-101-162-201.dhcp.foo.com(962)	webwebmain01.foo.com	tcp(sunrpc)	1	4
INTERNETGW	test.lab.foo.com(6863)	fwfoomain01-2	tcp(tcpmux)	1	3
INTERNETGW	test.lab.foo.com(6862)	fwfoomain01.foo.com	tcp(tcpmux)	1	3
FWFOOMAIN01	corelinkmain01.foo.com(64514)	rtnw.foo.com	tcp(telnet)	1	4
FWFOOGW02	dhcp-100-101-167-233.dhcp.foo.com.au(1586)	fwfoomain01.foo.com.au	tcp(telnet)	1	3
FWFOOMAIN01	webfoogen1.foo.com(32819)	apollo.foo.com	tcp(telnet)	1	4
FWFOOMAIN01	fwrtrmain01.foo.com(63490)	rtnw.foo.com	tcp(telnet)	1	4
FWFOOMAIN01	gwt.lab.foo.com(22620)	fwfoomain01.foo.com	tcp(telnet)	1	3
FWFOOGW02	dhcp-100-101-167-233.dhcp.foo.com(1487)	fwfoomain01.foo.com	tcp(telnet)	1	3
FWFOOMAIN01	gwt.lab.foo.com(22620)	fwfoomain01.foo.com	tcp(telnet)	1	3
FWFOOMAIN01	dhcp-100-101-167-233.dhcp.foo.com(1588)	fwfoomain01.foo.com	tcp(telnet)	1	3
FWFOOMAIN01	fwrtrmain01.foo.com(12803)	192.1.1.13	tcp(telnet)	1	4
FWFOOMAIN01	corelinkmain01.foo.com(11266)	192.1.1.13	tcp(telnet)	1	4
FWFOOMAIN01	fwmain01.foo.com(1031)	rtnw.foo.com	tcp(telnet)	1	4
FWFOOMAIN01	gwt.lab.foo.com(22659)	fwfoomain01.foo.com	tcp(telnet)	2	3
FWFOOMAIN01	gwt.lab.foo.com(22657)	fwfoomain01.foo.com	tcp(telnet)	1	3
FWFOOMAIN01	dhcp-100-101-167-233.dhcp.foo.com(177)	fwmain01.foo.com	udp(177)	2	4
FWFOOMAIN01	gwt.lab.foo.com(65446)	fwfoomain01.foo.com	udp(33441)	1	3
FWFOOMAIN01	gwt.lab.foo.com(65446)	fwfoomain01.foo.com	udp(33442)	1	3
FWFOOMAIN01	gwt.lab.foo.com(65446)	fwfoomain01.foo.com	udp(33443)	1	3
FWFOOMAIN01	dhcp-100-101-167-233.dhcp.foo.com(nbname)	fwfoomain01-2	udp(nbname)	1	4
INTERNETGW	mlink.foo.co.uk(ntp-udp)	ns4.foo.com	udp(ntp-udp)	1	3
FWFOOMAIN01	mlink.foo.co.uk(ntp-udp)	ns4.foo.com	udp(ntp-udp)	2	3
FWFOOMAIN01	fwrtrmain01.foo.com(ntp-udp)	ns4.foo.net	udp(ntp-udp)	1	3
FWFOOMAIN01	fwrtrmain01.foo.com(ntp-udp)	ns4.foo.com	udp(ntp-udp)	5	3
FWFOOMAIN01	mlink.foo.co.uk(ntp-udp)	ns4.foo.com	udp(ntp-udp)	4	3
FWFOOMAIN01	mlink.foo.co.uk(ntp-udp)	ns4.foo.net	udp(ntp-udp)	2	3
FWFOOGW02	fwrtrmain01.foo.com(ntp-udp)	ns4.foo.com	udp(ntp-udp)	2	3
FWFOOMAIN01	fwrtrmain01.foo.com(ntp-udp)	ns4.foo.com	udp(ntp-udp)	15	4
FWFOOGW02	mlink.foo.co.uk(ntp-udp)	ns4.foo.com	udp(ntp-udp)	2	3
FWFOOMAIN01	fwrtrmain01.foo.com(ntp-udp)	ns4.foo.com	udp(ntp-udp)	3	3