User's Manual

ManualsBrandsZyXEL ManualsNetwork RouterZyXEL ZyXEL Communications Network Router wireless n gigbit router zyxel

271

272

273

274

275

276

277

278

279

280

Chapter 21 Logs

NBG-460N User’s Guide

280

Table 102 Attack Logs

LOG MESSAGE DESCRIPTION

attack [TCP | UDP | IGMP

| ESP | GRE | OSPF]

The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF

attack.

attack ICMP (type:%d,

code:%d)

The firewall detected an ICMP attack. For type and code

details, see Table 108 on page 286.

land [TCP | UDP | IGMP |

ESP | GRE | OSPF]

The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF

land attack.

land ICMP (type:%d,

code:%d)

The firewall detected an ICMP land attack. For type and

code details, see Table 108 on page 286.

ip spoofing - WAN [TCP |

UDP | IGMP | ESP | GRE |

OSPF]

The firewall detected an IP spoofing attack on the WAN

port.

ip spoofing - WAN ICMP

(type:%d, code:%d)

The firewall detected an ICMP IP spoofing attack on the

WAN port. For type and code details, see Table 108 on

page 286.

icmp echo: ICMP (type:%d,

code:%d)

The firewall detected an ICMP echo attack. For type and

code details, see Table 108 on page 286.

syn flood TCP The firewall detected a TCP syn flood attack.

ports scan TCP The firewall detected a TCP port scan attack.

teardrop TCP The firewall detected a TCP teardrop attack.

teardrop UDP The firewall detected an UDP teardrop attack.

teardrop ICMP (type:%d,

code:%d)

The firewall detected an ICMP teardrop attack. For type

and code details, see Table 108 on page 286.

illegal command TCP The firewall detected a TCP illegal command attack.

NetBIOS TCP The firewall detected a TCP NetBIOS attack.

ip spoofing - no routing

entry [TCP | UDP | IGMP |

ESP | GRE | OSPF]

The firewall classified a packet with no source routing

entry as an IP spoofing attack.

ip spoofing - no routing

entry ICMP (type:%d,

code:%d)

The firewall classified an ICMP packet with no source

routing entry as an IP spoofing attack.

vulnerability ICMP

(type:%d, code:%d)

The firewall detected an ICMP vulnerability attack. For

type and code details, see Table 108 on page 286.

traceroute ICMP (type:%d,

code:%d)

The firewall detected an ICMP traceroute attack. For type

and code details, see Table 108 on page 286.

Table 103 IPSec Logs

LOG MESSAGE DESCRIPTION

Discard REPLAY packet The router received and discarded a packet with an

incorrect sequence number.

Inbound packet

authentication failed

The router received a packet that has been altered. A third

party may have altered or tampered with the packet.