Proxy Server 2.0 Packet Filter Logs

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

TecGuy

Thread Starter
Joined
Sep 18, 2002
Messages
17
Greetings Everyone,

I have a Windows 2000 server running Proxy Server 2.0. 2000 Server has been service packed etc... The Proxy server was installed useing the 2000 install wizard. Everything works and is great.

BUT.. < knew that was comming ...

We are getting Packet filters Generated Continueously.

Under System Event log.

Source: PacketFilterLog
Type: Warning
Category: None
Event ID: 44



Description:
Packet Filter dropped packet alert.

************************************

We are getting these every few minutes. Its filling the hard drives at a very fast rate due to the amount of these messages being logged.

Does anyone know what this means.



The log files EX: PF030120.log
Are getting up to 46mb in size due to this packet filter alert. thats causeing the hard drive to fill very quickly.

My question is.. How do I read the Packet Filter logs.

Here is an Example of a few lines.

1/29/2003, 0:00:02, 178.1.1.137, 204.255.246.18, Udp, 3604, 53, -, 0, 12.161.198.82, 45 00 00 44 b3 2d 00 00 80 11 10 df b2 01 01 89 cc ff f6 12 94 04 00 00 ëúw0ýÅ, 0e 14 00 35 00 30 23 d6 0a 8c 00 00 00 01 00 00 00 00 00 00 01 31 01 30 01 30 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,

1/29/2003, 0:00:02, 178.1.1.1, 63.149.223.119, Udp, 137, 137, -, 0, 12.161.198.82, 45 00 00 4e d6 a2 00 00 80 11 00 00 b2 01 01 01 3f 95 df 77 94 04 00 00 ëúw0ýÅ, 00 89 00 89 00 3a 2e 05 0a 8c 00 00 00 01 00 00 00 00 00 00 01 31 01 30 01 30 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,


Does anyone know where I can find a document on how to read the packet filter logs.

Is someone trying to hack into our network? Is this due to programs like napster on our network calling for the server?

HELP!!

Thanks,
TecGUY
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top