[Snort-users] Snort/Logsnorter/PureSecure Cisco ACL's

Michael Scheidell scheidell at ...5171...
Mon Nov 17 06:12:10 EST 2003


At the very least, it means that the clock on the cisco box is not ntp synced, and therefore you cannot trust it:

see the *Nov 12 00:09:21?

(its the '*')
: Nov 12
> 00:11:03 c4700 3062: *Nov 12 00:09:21 EST: %SEC-6-IPACCESSLOGP: list 185 denied
> tcp XX.XX.XXX.XXX(52076) -> YY.YY.YYY.YYY(135), 2 packets
> 
-- 
Michael Scheidell
SECNAP Network Security
561-368-9561 x 1131
www.secnap.com 




More information about the Snort-users mailing list