Greetings Everyone,
I have a Windows 2000 server running Proxy Server 2.0. 2000 Server has been service packed etc... The Proxy server was installed useing the 2000 install wizard. Everything works and is great.
BUT.. < knew that was comming ...
We are getting Packet filters Generated Continueously.
Under System Event log.
Source: PacketFilterLog
Type: Warning
Category: None
Event ID: 44
Description:
Packet Filter dropped packet alert.
************************************
We are getting these every few minutes. Its filling the hard drives at a very fast rate due to the amount of these messages being logged.
Does anyone know what this means.
The log files EX: PF030120.log
Are getting up to 46mb in size due to this packet filter alert. thats causeing the hard drive to fill very quickly.
My question is.. How do I read the Packet Filter logs.
Here is an Example of a few lines.
1/29/2003, 0:00:02, 178.1.1.137, 204.255.246.18, Udp, 3604, 53, -, 0, 12.161.198.82, 45 00 00 44 b3 2d 00 00 80 11 10 df b2 01 01 89 cc ff f6 12 94 04 00 00 ëúw0ýÅ, 0e 14 00 35 00 30 23 d6 0a 8c 00 00 00 01 00 00 00 00 00 00 01 31 01 30 01 30 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
1/29/2003, 0:00:02, 178.1.1.1, 63.149.223.119, Udp, 137, 137, -, 0, 12.161.198.82, 45 00 00 4e d6 a2 00 00 80 11 00 00 b2 01 01 01 3f 95 df 77 94 04 00 00 ëúw0ýÅ, 00 89 00 89 00 3a 2e 05 0a 8c 00 00 00 01 00 00 00 00 00 00 01 31 01 30 01 30 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
Does anyone know where I can find a document on how to read the packet filter logs.
Is someone trying to hack into our network? Is this due to programs like napster on our network calling for the server?
HELP!!
Thanks,
TecGUY
I have a Windows 2000 server running Proxy Server 2.0. 2000 Server has been service packed etc... The Proxy server was installed useing the 2000 install wizard. Everything works and is great.
BUT.. < knew that was comming ...
We are getting Packet filters Generated Continueously.
Under System Event log.
Source: PacketFilterLog
Type: Warning
Category: None
Event ID: 44
Description:
Packet Filter dropped packet alert.
************************************
We are getting these every few minutes. Its filling the hard drives at a very fast rate due to the amount of these messages being logged.
Does anyone know what this means.
The log files EX: PF030120.log
Are getting up to 46mb in size due to this packet filter alert. thats causeing the hard drive to fill very quickly.
My question is.. How do I read the Packet Filter logs.
Here is an Example of a few lines.
1/29/2003, 0:00:02, 178.1.1.137, 204.255.246.18, Udp, 3604, 53, -, 0, 12.161.198.82, 45 00 00 44 b3 2d 00 00 80 11 10 df b2 01 01 89 cc ff f6 12 94 04 00 00 ëúw0ýÅ, 0e 14 00 35 00 30 23 d6 0a 8c 00 00 00 01 00 00 00 00 00 00 01 31 01 30 01 30 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
1/29/2003, 0:00:02, 178.1.1.1, 63.149.223.119, Udp, 137, 137, -, 0, 12.161.198.82, 45 00 00 4e d6 a2 00 00 80 11 00 00 b2 01 01 01 3f 95 df 77 94 04 00 00 ëúw0ýÅ, 00 89 00 89 00 3a 2e 05 0a 8c 00 00 00 01 00 00 00 00 00 00 01 31 01 30 01 30 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
Does anyone know where I can find a document on how to read the packet filter logs.
Is someone trying to hack into our network? Is this due to programs like napster on our network calling for the server?
HELP!!
Thanks,
TecGUY