?
Solved

Pix Firewall Log Question

Posted on 2007-07-25
7
Medium Priority
?
582 Views
Last Modified: 2013-11-16
I noticed when doing a netstat -an there was an established connection to a 192.168.100.61 to the outside world....I have no idea who this is.... i also found something in the firewall....

Teardown TCP connection 94264 for outside:192.168.100.61/9100 to inside:192.168.10.48/60353 duration 0:  02:01 bytes 0 SYN Timeout

Could somebody please tell me what this means?? this is private address...so how could it be from the outside?
0
Comment
Question by:jaysonfranklin
7 Comments
 
LVL 4

Expert Comment

by:djmounce553
ID: 19568614
Do you happen to be running through a router?
0
 
LVL 12

Expert Comment

by:Freya28
ID: 19568753
it could be an IP spoof. or is any one connected via vpn?
0
 
LVL 1

Author Comment

by:jaysonfranklin
ID: 19569121
nobody is connectd to my computer via vpn. and i do get out to the internet through firewall. The pix is the router...
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 4

Expert Comment

by:djmounce553
ID: 19569175
I meant anything additional, if in addition to your PIX there was, let's say, a wireless router, that looks similar to the IP it would give.
0
 
LVL 1

Author Comment

by:jaysonfranklin
ID: 19569682
nope. there is no .100 subnet anywhere around here...i know cuz i set everything up...could somebody have plugged in somewhere else in the building....and why would it show connected to my computer?
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 19573706
TCP 9100 is Windows standard port monitor for printer mapping
Looks like perhaps someone has a printer port mapped to this .100 subnet IP. Since it is not local to your LAN, for all intents and purposes it is outside and the PIX builds a xlate for it, but then no response ever comes back so it tears down.
0
 
LVL 1

Author Comment

by:jaysonfranklin
ID: 19576368
and because I have no route that points that subnet back to the inside thats why it shoots it out the default route. I knew the port had something to do with a printer from some googling, however, thanks for making everything more clear.

You Rock!
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Considering cloud tradeoffs and determining the right mix for your organization.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month14 days, 16 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question