FWLOGSUM REPORT

Dropped and Rejected Entries
Sorted by service
Excluding services: (smtp)

Report generated on: Sun Apr 21 22:12:10 2013
Period for report data: 20 Oct 2001 at 17:21:03 to 26 Nov 2001 at 9:02:26
Period for matched data: 17 Nov 2001 at 14:10:43 to 26 Nov 2001 at 9:01:59

TypeCount
Total entries processed 18995
Entries matched on 299
Inbound traffic 18952
Outbound traffic 8
Control Messages 35
Entries Ignored 25
Alert Entries 2
Attack Types 0
Unique Attack URLs 0
Encrypted/Decrypted Entries 4
Unknown Entries 0

Colour Coding

Alert Entries

Crypt/Decrypt Entries

Highlighted Entries

View Report Summary

Source Address Destination Address Service Count Rule
fwmain01.foo.com(http)dhcp-100-101-167-223.dhcp.foo.comtcp(1167)84
webfoogen1.foo.com(telnet)zeus.lab.foo.comtcp(1573)334
webfoogen1.foo.com(telnet)devel.lab.foo.comtcp(35338)94
webfoogen1.foo.com(telnet)devel.lab.foo.comtcp(38530)414
webfoogen1.foo.com(telnet)devel.lab.foo.comtcp(38567)424
gwt.lab.foo.com(22619)corelinkmain01.foo.comtcp(45)13
webfoogen1.foo.com(telnet)devel.lab.foo.comtcp(54924)74
dhcp-100-101-167-223.dhcp.foo.com(1234)fwmain01.foo.comtcp(FW1_mgmt)14
corelinkmain01.foo.com(11081)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11066)apollo.foo.comtcp(TACACSplus)14
fwrtrmain01.foo.com(11046)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11061)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11060)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11050)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11075)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11053)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11051)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11082)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11049)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11000)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11044)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11073)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11055)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11045)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11065)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11041)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11079)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11047)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11059)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11048)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11056)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11064)apollo.foo.comtcp(TACACSplus)14
fwrtrmain01.foo.com(11047)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11052)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11084)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11078)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11062)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11068)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11074)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11063)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11054)apollo.foo.comtcp(TACACSplus)14
fwrtrmain01.foo.com(11000)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11067)apollo.foo.comtcp(TACACSplus)14
fwrtrmain01.foo.com(11048)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11077)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11083)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11072)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11057)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11001)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11069)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11043)apollo.foo.comtcp(TACACSplus)14
fwrtrmain01.foo.com(11050)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11070)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11042)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11046)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11058)apollo.foo.comtcp(TACACSplus)14
fwrtrmain01.foo.com(11049)apollo.foo.comtcp(TACACSplus)14
corelinkmain01.foo.com(11071)apollo.foo.comtcp(TACACSplus)14
webfoogen1.foo.com(1023)apollo.foo.comtcp(login)14
devel.lab.foo.com(1019)webfoogen1.foo.comtcp(login)14
devel.lab.foo.com(1021)webfoogen1.foo.comtcp(login)14
192.1.28.252(1023)webfoogen1.foo.comtcp(login)14
dhcp-100-101-162-201.dhcp.foo.com(3167)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1325)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1316)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1322)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(3194)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1297)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1272)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1919)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1300)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(3178)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(3170)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1279)webwebmain01.foo.comtcp(nbsession)14
dhcp-100-101-162-201.dhcp.foo.com(1916)webwebmain01.foo.comtcp(nbsession)14
gwt.lab.foo.com(1023)fwfoomain01.foo.comtcp(shell)13
dhcp-100-101-162-201.dhcp.foo.com(990)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5300)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(917)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(910)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(939)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5212)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5303)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5209)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(937)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5298)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5305)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5306)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(971)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(997)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5206)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5301)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5207)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5297)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5302)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5304)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5205)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(908)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(921)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(951)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5208)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5308)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(954)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5307)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(5299)webwebmain01.foo.comtcp(sunrpc)14
dhcp-100-101-162-201.dhcp.foo.com(962)webwebmain01.foo.comtcp(sunrpc)14
test.lab.foo.com(6863)fwfoomain01-2tcp(tcpmux)13
test.lab.foo.com(6862)fwfoomain01.foo.comtcp(tcpmux)13
corelinkmain01.foo.com(64514)rtnw.foo.comtcp(telnet)14
dhcp-100-101-167-233.dhcp.foo.com.au(1586)fwfoomain01.foo.com.autcp(telnet)13
webfoogen1.foo.com(32819)apollo.foo.comtcp(telnet)14
fwrtrmain01.foo.com(63490)rtnw.foo.comtcp(telnet)14
gwt.lab.foo.com(22620)fwfoomain01.foo.comtcp(telnet)13
dhcp-100-101-167-233.dhcp.foo.com(1487)fwfoomain01.foo.comtcp(telnet)13
gwt.lab.foo.com(22620)fwfoomain01.foo.comtcp(telnet)13
dhcp-100-101-167-233.dhcp.foo.com(1588)fwfoomain01.foo.comtcp(telnet)13
fwrtrmain01.foo.com(12803)192.1.1.13tcp(telnet)14
corelinkmain01.foo.com(11266)192.1.1.13tcp(telnet)14
fwmain01.foo.com(1031)rtnw.foo.comtcp(telnet)14
gwt.lab.foo.com(22659)fwfoomain01.foo.comtcp(telnet)23
gwt.lab.foo.com(22657)fwfoomain01.foo.comtcp(telnet)13
dhcp-100-101-167-233.dhcp.foo.com(177)fwmain01.foo.comudp(177)24
gwt.lab.foo.com(65446)fwfoomain01.foo.comudp(33441)13
gwt.lab.foo.com(65446)fwfoomain01.foo.comudp(33442)13
gwt.lab.foo.com(65446)fwfoomain01.foo.comudp(33443)13
dhcp-100-101-167-233.dhcp.foo.com(nbname)fwfoomain01-2udp(nbname)14
mlink.foo.co.uk(ntp-udp)ns4.foo.comudp(ntp-udp)13
mlink.foo.co.uk(ntp-udp)ns4.foo.comudp(ntp-udp)23
fwrtrmain01.foo.com(ntp-udp)ns4.foo.netudp(ntp-udp)13
fwrtrmain01.foo.com(ntp-udp)ns4.foo.comudp(ntp-udp)53
mlink.foo.co.uk(ntp-udp)ns4.foo.comudp(ntp-udp)43
mlink.foo.co.uk(ntp-udp)ns4.foo.netudp(ntp-udp)23
fwrtrmain01.foo.com(ntp-udp)ns4.foo.comudp(ntp-udp)23
fwrtrmain01.foo.com(ntp-udp)ns4.foo.comudp(ntp-udp)154
mlink.foo.co.uk(ntp-udp)ns4.foo.comudp(ntp-udp)23
fwrtrmain01.foo.com(ntp-udp)ns4.foo.comudp(ntp-udp)33

Summary Information

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

Excluded Services

Service Count Of Entries
smtp257.72%

Top of Report

fwlogsum Version: 5.1.0

Charts generated using RGraph

Generated: Sun Apr 21 22:12:10 2013