Carrier Access Multi-Service Router (MSR) Card MSR/Adit 3K GUI User Manual

4-36

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI

Security

Security Log

Security Log Settings

Field

Definition

Accepted Events

Accepted Incoming
Connections

Sessions originated from the Internet that have been allowed by
the firewall.

Accepted Outgoing
Connections

Sessions originated from the network that have been allowed by
the firewall.

Blocked Events

Blocked Connection Attempts

Sessions that have been blocked by the firewall.

Winnuke

Detection of the Winnuke DOS attack.

Defragmentation Error

Detection of fragmented packets that cannot be properly
reassembled.

Blocked Fragments

Detection of fragmented packets when Block IP Fragments is
enabled.

Syn Flood

Detection of the Syn Flood DOS attack.

Echo Cargen

Detection of the Echo or Chargen DOS attacks.

Multicast/Broadcast

Detection of the multicast or broadcast packets arriving at the
WAN interface.

Spoofed Connection

Detection of IP address spoofing attacks.

Packet Illegal Options

Detection of IP packets with disallowed IP options: lsrr, ssrr, rr,
timestamp, or error options.

UDP Flood

Detection of a UDP Flood attack.

ICMP Replay

Detection of an ICMP Replay DOS attack.

ICMP Redirect

Detection of improper ICMP redirect messages from the WAN.

ICMP Multicast

Detection of multicast ICMP packets, such as a ping to a subnet
broadcast address.

ICMP Flood

Detection of an ICMP flood DOS attack.

Other Events

Remote Administration
Attempts

Management sessions established to the Adit.

Connection States

Session connection state detail.

Log Buffer

Prevent Log Overrun

Stop logging firewall detail when the log is full. This prevents
loosing early log entries, but will drop the later log entries.