FWLOGSUM REPORT Accepted Entries Sorted by destination Report generated on: Sun Apr 21 22:11:08 2013 Period for report data: 17 Nov 2001 at 14:10:58 to 26 Nov 2001 at 9:02:26 Period for matched data: 17 Nov 2001 at 14:10:58 to 26 Nov 2001 at 9:02:26 Total entries processed: 18617 Entries matched on: 18617 Inbound traffic: 18616 Outbound traffic: 1 Control Messages: 0 Alert Entries: 0 Encrypted/Decrypted Entries: 0 Unknown entries 0 Inbound Traffic: 891 MB Outbound Traffic: 0 MB Total traffic (matched): 891 MB Entries ignored: 0 Attack Types: 0 Unique Attack URLs: 0 SOURCE ADDRESS DESTINATION ADDRESS SERVICE COUNT RULE ----------------------------------------------------------------------------------------------------------------------------------- webfoogen1.foo.com 134.251.64.243 tcp(ident) 2 44 ns1.foo.com 192.1.1.20 tcp(smtp) 1 44 ns1.foo.com 192.1.1.21 tcp(smtp) 1 44 ns1.foo.com 192.1.1.22 tcp(smtp) 1 44 devel.lab.foo.com 192.1.1.8 tcp(telnet) 1 44 fwrtrmain01.foo.com apollo.foo.com tcp(TACACSplus) 8 44 corelinkmain01.foo.com apollo.foo.com tcp(TACACSplus) 11 44 dhcp-100-101-160-062.dhcp.foo.com corelinkmain01.foo.com tcp(telnet) 1 41 192.1.1.13 corelinkmain01.foo.com tcp(telnet) 4 44 dhcp-100-101-160-062.dhcp.foo.com corelinkmain01.foo.com tcp(telnet) 8 44 test.lab.foo.com corelinkmain01.foo.com tcp(telnet) 1 44 fwmain01.foo.com dhcp-100-101-167-223.dhcp.foo.com tcp(X11) 2 44 fwfoomain01.foo.com dhcp-100-101-167-233.dhcp.foo.com tcp(1487) 1 41 dhcp-100-101-166-059.dhcp.foo.com fwfoomain01-2 tcp(telnet) 2 44 dhcp-100-101-166-057.dhcp.foo.com fwfoomain01-2 tcp(telnet) 1 44 test.lab.foo.com fwfoomain01-2 tcp(smtp) 1 44 test.lab.foo.com fwfoomain01-2 tcp(smtp) 1 44 dhcp-100-101-167-233.dhcp.foo.com fwfoomain01.foo.com tcp(telnet) 3 41 devel.lab.foo.com fwfoomain01.foo.com tcp(ftp) 2 44 ns1.foo.com fwfoomain01.foo.com tcp(smtp) 1 44 dhcp-100-101-167-233.dhcp.foo.com fwfoomain01.foo.com tcp(telnet) 8 44 devel.lab.foo.com fwfoomain01.foo.com tcp(telnet) 1 44 test.lab.foo.com fwfoomain01.foo.com tcp(smtp) 1 44 dhcp-100-101-167-233.dhcp.foo.com fwfoomain01.foo.com tcp(telnet) 1 40 dhcp-100-101-167-223.dhcp.foo.com fwmain01.foo.com tcp(http) 8 40 ns1.foo.com fwmain01.foo.com tcp(smtp) 1 44 gwt.lab.foo.com fwmain01.foo.com tcp(telnet) 1 44 dhcp-100-101-167-223.dhcp.foo.com fwmain01.foo.com tcp(http) 23 44 ns1.foo.com fwrtrmain01.foo.com tcp(smtp) 1 44 webfoogen1.foo.com hermes.foo.com tcp(smtp) 2 44 fwrtrmain01.foo.com ns4.foo.com udp(ntp-udp) 9132 76 corelinkmain01.foo.com ns4.foo.com udp(ntp-udp) 9181 76 mlink.foo.co.uk ns4.foo.com udp(ntp-udp) 2 76 mlink.foo.co.uk ns4.foo.net udp(ntp-udp) 3 76 fwrtrmain01.foo.com ns4.foo.net udp(ntp-udp) 4 76 corelinkmain01.foo.com.au ns4.foo.net.au udp(ntp-udp) 1 76 fwrtrmain01.foo.com ns4.foo.net.nz udp(ntp-udp) 3 76 corelinkmain01.foo.com ns4.foo.net.nz udp(ntp-udp) 1 76 mlink.foo.co.uk ns4.foo.net.nz udp(ntp-udp) 1 76 fwrtrmain01.foo.com ns4.foo.net.nz udp(ntp-udp) 1 76 corelinkmain01.foo.com ns4.foo.net.nz udp(ntp-udp) 3 76 fwrtrmain01.foo.com.au ns4.foo.net.nz.au udp(ntp-udp) 1 76 corelinkmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 256 corelinkmain01.foo.com rtnw.foo.com udp(snmp-trap) 4 251 corelinkmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 252 fwrtrmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 248 corelinkmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 247 corelinkmain01.foo.com rtnw.foo.com udp(snmp-trap) 3 250 fwrtrmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 251 corelinkmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 249 fwrtrmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 250 corelinkmain01.foo.com rtnw.foo.com udp(snmp-trap) 1 253 fwrtrmain01.foo.com rtnw.foo.com udp(snmp-trap) 2 253 zeus.lab.foo.com webfoogen1.foo.com tcp(telnet) 1 41 devel.lab.foo.com webfoogen1.foo.com tcp(telnet) 9 44 devel.lab.foo.com webfoogen1.foo.com tcp(telnet) 2 42 zeus.lab.foo.com webfoogen1.foo.com tcp(telnet) 1 44 devel.lab.foo.com webfoogen1.foo.com tcp(telnet) 99 40 devel.lab.foo.com webfoogen1.foo.com tcp(pop-3) 1 44 devel.lab.foo.com webfoogen1.foo.com tcp(ftp) 8 44 devel.lab.foo.com webfoogen1.foo.com tcp(ftp) 1 46 134.251.64.243 webfoogen1.foo.com tcp(smtp) 2 44 zeus.lab.foo.com webfoogen1.foo.com tcp(telnet) 33 40 devel.lab.foo.com webfoogen1.foo.com tcp(telnet) 5 41 dhcp-100-101-162-201.dhcp.foo.com webwebmain01.foo.com tcp(ftp) 3 44 ns1.foo.com webwebmain01.foo.com tcp(smtp) 1 44 webfoogen1.foo.com zeus.lab.foo.com tcp(X11) 1 44 SUMMARY INFORMATION Produced by fwlogsum Version: 5.1.0 http://fwlogsum.ginini.com/