I understand that. What is actually confusing is Cisco's explanation. Thanks for the info
-----Original Message-----
From: Ron DuFresne [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 11, 2002 12:31 PM
To: Matthew Carpenter
Cc: [EMAIL PROTECTED]
Subject: Re: PIX SYSLOG entries
On Thu, 11 Apr 2002, Matthew Carpenter wrote:
> Should this entry be a concern?
>
>
>
> Apr 11 2002 11:37:59: %PIX-3-106011: Deny inbound (No xlate) icmp src
> outside:208.185.54.14 dst outside:208.249.103.99 (type 8, code 0)
>
icmp type 8 is echo, folks are trying to ping you
yer pix is not letting those packets through, yer rulebase denies em it
seems...
>
>
> I am getting a lot of these. Actually, that is the only thing coming across.
> Is this an intrusion issue. I read about it on Cisco's site, but the
> explanation they have is rather vague. The messages interchange ICMP and
> UDP. TIA
>
They are still either trying to ping <some pings can play udp> or
traceroute.
You need to get uptodate on those icmp types <smile>.
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
