Cisco PIX Firewall System Log Messages, Version 6.3
Index
Downloads: This chapterpdf (PDF - 333.0KB) The complete bookPDF (PDF - 1.7MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - L - M - N - O - P - R - S - T - U - V - W - X -

Index

A

AAA message2-17, 2-18

ABR without backbone area2-52

access denied

TCP/UDP2-98

URL2-41

access-list command2-10

access permitted2-98

access requested2-97

ACLs

deny-flows2-16

logging matches2-15

ActiveX object, filtering2-73

added messages1-1

address translation slots2-27, 2-64

ARP packet mismatch2-63

ARP poisoning attack2-63

asymmetric routing2-14

attacks

ARP poisoning2-63

DNS HINFO request2-55

DNS request for all records2-55

DNS zone transfer2-55

DNS zone transfer from high port2-55

DoS2-16, 2-20, 2-28, 2-67

fragmented ICMP traffic2-55

IP fragment2-55

IP fragments overlap2-55

IP impossible packet2-55

IP routing table2-16, 2-17

land2-13

large ICMP traffic2-55

man in the middle2-53

ping of death2-55

proxied RPC request2-56

spoofing2-12, 2-14, 2-64

statd buffer overflow2-56

SYN2-26

TCP FIN only flags2-55

TCP NULL flags2-55

TCP SYN+FIN flags2-55

UDP bomb2-55

UDP chargen DoS2-55

UDP snork2-55

Authen Session End2-19

authentication

failed2-18

request succeeds2-18

Auth from IP address/port to IP address/port failed2-17

Auth start for user2-17

Auto Update URL unreachable2-89

B

backup server list

downloaded2-86

error2-86

bandwidth is zero2-90

beginning configuration replication2-96

broadcast, invalid source address2-12

buffer1-10

built H245 connection2-36

C

can not specify PAT host2-11

Cisco PIX Device Manager (PDM)1-19

Cisco Secure Policy Manager (Cisco Secure PM)1-19

commands

access-list2-10

access-list deny-flow-max2-16

clear local-host2-66

conduit2-12

conduit permit icmp2-12

config2-23

configure2-24

failover2-5

failover active2-4

filter activex2-73

filter allow2-42, 2-43

fixup protocol smtp2-17

floodguard2-19

global2-43

ip verify reverse-path2-14

logging1-6

nat2-43

no failover2-5

no failover active2-4

outbound deny2-10

reload2-24, 2-25

rsh2-27

show blocks2-7

show local-host2-66

show outbound2-10

show static2-26

show version2-66

sysopt connection enforcesubnet2-12

timeout uauth2-19

write2-23

write erase2-23

conduit command2-12

conduit permit icmp command2-12

config command2-23

configure command2-24

connection limit exceeded2-98

console output1-9

CTIQBE

connection object pre-allocation2-91

unsupported version2-91

D

default severity level1-6

deleted messages1-1

denied manager connection1-5

deny

inbound from outside2-11

inbound ICMP2-12

inbound UDP2-10

inbound UDP due to query/response2-10

IP from address to address2-11

IP spoof2-12

self route2-11

TCP (no connection)2-12

detecting use of Internet phone2-36

device pass through

disabled2-88

enabled2-88

DHCP client and server2-78

disabling messages1-14

DNS HINFO request attack2-55

DNS query or response is denied2-10

DNS request for all records attack2-55

DNS server too slow2-10

DNS zone transfer attack2-55

DNS zone transfer from high port attack2-55

DoS attack2-16, 2-20, 2-28, 2-67

dropping echo request2-11

E

Easy VPN Remote

backup server list

downloaded2-86

error2-86

device pass through

disabled2-88

enabled2-88

load balancing cluster

disconnected2-87

redirected2-86

split network entry duplicate2-89

SUA

disabled2-87

enabled2-87

user authentication

disabled2-88

enabled2-87

XAUTH enabled2-88

embryonic limit exceeded2-26

enabling logging1-9

end configuration--FAILED2-23

End Configuration Replication2-96

erase configuration2-23

F

failover active command2-4

failover command2-5

failover messages2-1, 2-3, 2-5, 2-7, 2-96

filter activex command2-73

filter allow command2-42, 2-43

filtering ActiveX objects2-73

fixup protocol smtp command2-17

floodguard command2-19

format of messages1-15

fragmented ICMP traffic attack2-55

FTP data connection failed2-26

G

global command2-43

H

H.2252-65

H.2452-36

H.3232-36

hello packet with duplicate router ID2-70

hostile event2-13, 2-58, 2-59, 2-61

host limit2-66

HTTPS process limit2-22

I

ICMP

packet denied2-11, 2-12

translation creation failed2-44

IDB initializatrion2-53

inbound TCP connection denied2-9

insufficient memory2-27, 2-64

interface

bandwidth is zero2-90

virtual2-34

Internet phone, detecting use of2-36

invalid character replaced in email address2-17

invalid source addresses2-12

IP fragment attack2-55

IP fragments overlap attack2-55

IP impossible packet attack2-55

IP route counter decrement failure2-67

IP routing table

attack2-16, 2-17

creation error2-51

limit exceeded2-51

limit warning2-51

OSPF inconsistency2-52

ip verify reverse-path command2-14

L

land attack2-13

large ICMP traffic attack2-55

Leaving ALLOW mode, URL Server2-43

level

01-6

default1-6

severity1-16

link status `Up' or 'Down'2-6

load balancing cluster

disconnected2-87

redirected2-86

logging command overview1-6

logging output locations1-10

loopback network, invalid source address2-12

lost failover communications with mate2-6

low memory2-51

LSA

default with wrong mask2-69

invalid type2-68

not found2-52

M

MAC address mismatch2-64

man in the middle attack2-53

memory

corruption2-90

insufficient2-27, 2-64

leak2-52

low2-51

memory, insufficient2-64

message block alloc failed2-7

messages

deleted1-1

disabling1-14

format1-15

new1-1

output locations1-10

reenabling1-14

severity levels1-16

understanding1-15

variables1-15, 1-16

monitoring on interface2-6

MPPE2-60

MS-CHAP2-60

N

nat command2-43

network range area change2-90

new messages1-1

no associated connection within connection table2-12

no authentication server found2-18

nobody keyword in a message1-9

no failover active command2-4

no failover command2-5

no translation group found2-43

O

OSPF

ABR without backbone area2-52

checksum error2-90

database description from unknown neighbor2-68

database request from unknown neighbor2-68

hello from unknown neighbor2-68

hello packet with duplicate router ID2-70

IDB initializatrion2-53

invalid packet2-68

IP routing table inconsistency2-52

LSA

default with wrong mask2-69

invalid type2-68

not found2-52

neighbor state changed2-75

network range area change2-90

packet of invalid length2-68

process reset2-53

router ID allocation failure2-69

router-id reset2-53

virtual links2-53

outbound deny command2-10

out of address translation slots!2-27

output locations

buffer1-10

console1-9

SNMP1-13

syslog server1-12

Telnet1-11

P

PAT

address2-27, 2-64

global address2-11

host2-11

PDM (PIX Device Manager)1-19

permitted

manager connection1-5, 2-46

Telnet login session1-5

ping of death attack2-55

PIX

clear finished2-25

console enable password incorrect2-46

reload command executed2-25

power failure, failover2-2

PPP virtual interface2-34

PPTP tunnel2-34

PPTP XGRE packet2-59

preallocate H323 UDP backconnection2-36

proxied RPC request attack2-56

R

RADIUS authentication2-60

RCMD, back connection failed2-27

rebuilt TCP connection2-36

reenabling messages1-14

reload command2-24, 2-25

request discarded2-99

router ID allocation failure2-69

router-id reset2-53

rsh command2-27

S

security breach2-11

security policy management1-19

self route2-11

SETUP message2-65

severity level

01-6

default1-6

severity levels definition1-16

show blocks command2-7

show outbound command2-10

show static command2-26

SMTP2-17

SNMP management station1-13

split network entry duplicate2-89

spoofing attack2-12, 2-14, 2-64

SSH1-5

statd buffer overflow attack2-56

SUA

disabled2-87

enabled2-87

SYN2-12

SYN attack2-26

syslog server1-12

sysopt connection enforcesubnet command2-12

T

TCP

access denied2-98

access permitted2-98

access requested2-97

connection limit exceeded2-98

request discarded2-99

translation creation failed2-44

TCP FIN only flags attack2-55

TCP NULL flags attack2-55

TCP SYN+FIN flags attack2-55

Telnet logging1-11, 1-20

Telnet login session failed1-5

terminal monitor command1-11

testing

interface2-7

logging1-9

timeouts, recommended values2-66

timeout uauth command2-19

too many connections on static2-26

tunnel, PPTP2-34

U

UDP

access denied2-98

access permitted2-98

bomb attack2-55

chargen DoS attack2-55

packet2-10

request discarded2-99

snork attack2-55

translation creation failed2-44

URL

filtering, disabled2-42

URL Server2-42

user authentication

disabled2-88

enabled2-87

error2-21

V

variables in messages1-15, 1-16

virtual interface2-34

virtual links2-53

vpdn group command2-60

VPN

peer limit2-50

tunnel2-50

W

web requests, unfiltered2-42

Websense server2-42

write command2-23

write erase command2-23

X

XAUTH enabled2-88

XGRE2-59