Server or clients infected? Network traffic log.

Asked by Intrepidity (Norway):

I received a mail from abuse that spam is originating from our router WAN IP, starting yesterday. When I check the logs I also find outbound/inbound connections from a server in our network. The server, however, has external IP xxx.159.46.163 (1:1 NAT, in LAN range), and the traffic is originating from xxx.159.46.162.

192.168.1.245 is a local server in our network (external IP xxx.159.45.163)
81.93.163.115, the destination in some log entries, belongs to the server park of a large Norwegian newspaper.
xxx.159.46.162 is the IP for the WAN interface on the router.

What is this: 126 2008-11-19 11:56:13 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) 192.168.1.1 192.168.1.245 ACCESS PERMITTED

I have to admit that network traffic is not my profession, and I don't really understand why ICMP is permitted into the network from the outside. Default policy is "Drop" on WAN to LAN. The only exception is 3389 UDP to a terminal server inside LAN.

What does this traffic indicate? Can anyone pinpoint a likely cause/infection?

1  2008-11-19 12:17:10 Peer TCP state out of order, sent TCP RST 192.168.1.151:4395 81.93.172.130:80 TCP RST
2  2008-11-19 12:16:44 Peer TCP state out of order, sent TCP RST 192.168.1.151:4379 81.93.172.130:80 TCP RST
3  2008-11-19 12:13:57 Peer TCP state out of order, sent TCP RST 192.168.1.151:4352 81.93.172.130:80 TCP RST
4  2008-11-19 12:12:51 DHCP server assigns IP:192.168.1.29 to kennethlaptop(00:0B:7D:18:13:D7).      
5  2008-11-19 12:12:30 Firewall session time out, sent TCP RST 209.85.161.127:80 192.168.1.245:1246 TCP RST
6  2008-11-19 12:12:30 Firewall session time out, sent TCP RST 87.238.52.12:80 192.168.1.245:1250 TCP RST
7  2008-11-19 12:12:26 Firewall session time out, sent TCP RST 217.212.227.78:80 192.168.1.245:1243 TCP RST
8  2008-11-19 12:12:26 Firewall session time out, sent TCP RST 77.238.187.39:80 192.168.1.245:1253 TCP RST
9  2008-11-19 12:12:22 Firewall session time out, sent TCP RST 91.195.8.120:80 192.168.1.245:1167 TCP RST
10  2008-11-19 12:12:22 Firewall session time out, sent TCP RST 91.195.8.120:80 192.168.1.245:1166 TCP RST
11  2008-11-19 12:08:02 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 202.172.101.36 ACCESS PERMITTED
12  2008-11-19 12:08:01 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.48.54 ACCESS PERMITTED
13  2008-11-19 12:07:59 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.50.79 ACCESS PERMITTED
14  2008-11-19 12:07:59 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.50.40 ACCESS PERMITTED
15  2008-11-19 12:07:59 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.50.62 ACCESS PERMITTED
16  2008-11-19 12:07:59 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 122.152.142.14 ACCESS PERMITTED
17  2008-11-19 12:07:58 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.51.34 ACCESS PERMITTED
18  2008-11-19 12:07:58 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.57.5 ACCESS PERMITTED
19  2008-11-19 12:07:58 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.52.13 ACCESS PERMITTED
20  2008-11-19 12:07:57 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 63.216.60.75 ACCESS PERMITTED
21  2008-11-19 12:07:57 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 89.202.193.171 ACCESS PERMITTED
22  2008-11-19 12:07:57 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.53.24 ACCESS PERMITTED
23  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 209.9.8.94 ACCESS PERMITTED
24  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 63.218.69.2 ACCESS PERMITTED
25  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 63.216.14.130 ACCESS PERMITTED
26  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 77.67.0.133 ACCESS PERMITTED
27  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx159.46.162 93.188.130.47 ACCESS PERMITTED
28  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 93.188.128.29 ACCESS PERMITTED
29  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 66.114.49.160 ACCESS PERMITTED
30  2008-11-19 12:07:56 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 77.67.3.162 ACCESS PERMITTED
31  2008-11-19 12:07:55 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 93.188.129.21 ACCESS PERMITTED
32  2008-11-19 12:07:55 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 213.244.185.38 ACCESS PERMITTED
33  2008-11-19 12:07:55 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 209.170.120.50 ACCESS PERMITTED
34  2008-11-19 12:07:55 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 217.212.227.85 ACCESS PERMITTED
35  2008-11-19 12:07:54 Peer TCP state out of order, sent TCP RST 192.168.1.245:1226 81.93.163.115:80 TCP RST
36  2008-11-19 12:07:54 Peer TCP state out of order, sent TCP RST 192.168.1.245:1224 81.93.163.115:80 TCP RST
37  2008-11-19 12:07:53 Peer TCP state out of order, sent TCP RST 192.168.1.245:1261 81.93.163.115:80 TCP RST
38  2008-11-19 12:07:53 Peer TCP state out of order, sent TCP RST 192.168.1.245:1257 81.93.163.115:80 TCP RST
39  2008-11-19 12:07:53 Peer TCP state out of order, sent TCP RST 192.168.1.245:1256 81.93.163.115:80 TCP RST
40  2008-11-19 12:07:53 Peer TCP state out of order, sent TCP RST 192.168.1.245:1255 81.93.163.115:80 TCP RST
41  2008-11-19 12:07:52 Peer TCP state out of order, sent TCP RST 192.168.1.245:1251 81.93.163.115:80 TCP RST
42  2008-11-19 12:07:52 Peer TCP state out of order, sent TCP RST 192.168.1.245:1242 81.93.163.115:80 TCP RST
43  2008-11-19 12:07:52 Peer TCP state out of order, sent TCP RST 192.168.1.245:1241 81.93.163.115:80 TCP RST
44  2008-11-19 12:07:52 Peer TCP state out of order, sent TCP RST 192.168.1.245:1240 81.93.163.115:80 TCP RST
45  2008-11-19 12:07:52 Peer TCP state out of order, sent TCP RST 192.168.1.245:1239 81.93.163.115:80 TCP RST
46  2008-11-19 12:07:52 Peer TCP state out of order, sent TCP RST 192.168.1.245:1237 81.93.163.115:80 TCP RST
47  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1228 81.93.163.115:80 TCP RST
48  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1222 81.93.163.115:80 TCP RST
49  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1221 81.93.163.115:80 TCP RST
50  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1219 81.93.163.115:80 TCP RST
51  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1218 81.93.163.115:80 TCP RST
52  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1217 81.93.163.115:80 TCP RST
53  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1216 81.93.163.115:80 TCP RST
54  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1215 81.93.163.115:80 TCP RST
55  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1212 81.93.163.115:80 TCP RST
56  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1211 81.93.163.115:80 TCP RST
57  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1210 81.93.163.115:80 TCP RST
58  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1205 81.93.163.115:80 TCP RST
59  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1209 81.93.163.115:80 TCP RST
60  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1208 81.93.163.115:80 TCP RST
61  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1207 81.93.163.115:80 TCP RST
62  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1204 81.93.163.115:80 TCP RST
63  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1202 81.93.163.115:80 TCP RST
64  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1201 81.93.163.115:80 TCP RST
65  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1200 81.93.163.115:80 TCP RST
66  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1197 81.93.163.115:80 TCP RST
67  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1196 81.93.163.115:80 TCP RST
68  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1194 81.93.163.115:80 TCP RST
69  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1193 81.93.163.115:80 TCP RST
70  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1191 81.93.163.115:80 TCP RST
71  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1189 81.93.163.115:80 TCP RST
72  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1187 81.93.163.115:80 TCP RST
73  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1185 81.93.163.115:80 TCP RST
74  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1183 81.93.163.115:80 TCP RST
75  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1182 81.93.163.115:80 TCP RST
76  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1181 81.93.163.115:80 TCP RST
77  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1180 81.93.163.115:80 TCP RST
78  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1179 81.93.163.115:80 TCP RST
79  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1178 81.93.163.115:80 TCP RST
80  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1177 81.93.163.115:80 TCP RST
81  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1176 81.93.163.115:80 TCP RST
82  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1174 81.93.163.115:80 TCP RST
83  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1171 81.93.163.115:80 TCP RST
84  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1159 81.93.163.115:80 TCP RST
85  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1158 81.93.163.115:80 TCP RST
86  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1157 81.93.163.115:80 TCP RST
87  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1155 81.93.163.115:80 TCP RST
88  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1154 81.93.163.115:80 TCP RST
89  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1153 81.93.163.115:80 TCP RST
90  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1152 81.93.163.115:80 TCP RST
91  2008-11-19 12:07:51 Peer TCP state out of order, sent TCP RST 192.168.1.245:1151 81.93.163.115:80 TCP RST
92  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1150 81.93.163.115:80 TCP RST
93  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1149 81.93.163.115:80 TCP RST
94  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1148 81.93.163.115:80 TCP RST
95  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1147 81.93.163.115:80 TCP RST
96  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1146 81.93.163.115:80 TCP RST
97  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1138 81.93.163.115:80 TCP RST
98  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1135 81.93.163.115:80 TCP RST
99  2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1134 81.93.163.115:80 TCP RST
100 2008-11-19 12:07:50 Peer TCP state out of order, sent TCP RST 192.168.1.245:1133 81.93.163.115:80 TCP RST
101 2008-11-19 12:03:30 Firewall session time out, sent TCP RST 87.238.52.12:80 192.168.1.245:1040 TCP RST
102 2008-11-19 11:57:37 Peer TCP state out of order, sent TCP RST 192.168.1.245:1035 81.93.163.115:80 TCP RST
103 2008-11-19 11:57:00 Peer TCP state out of order, sent TCP RST 192.168.1.245:4951 81.93.163.115:80 TCP RST
104 2008-11-19 11:57:00 Peer TCP state out of order, sent TCP RST 192.168.1.245:4947 81.93.163.115:80 TCP RST
105 2008-11-19 11:57:00 Peer TCP state out of order, sent TCP RST 192.168.1.245:4950 81.93.163.115:80 TCP RST
106 2008-11-19 11:57:00 Peer TCP state out of order, sent TCP RST 192.168.1.245:4930 81.93.163.115:80 TCP RST
107 2008-11-19 11:56:59 Peer TCP state out of order, sent TCP RST 192.168.1.245:4916 81.93.163.115:80 TCP RST
108 2008-11-19 11:56:59 Peer TCP state out of order, sent TCP RST 192.168.1.245:4913 81.93.163.115:80 TCP RST
109 2008-11-19 11:56:59 Peer TCP state out of order, sent TCP RST 192.168.1.245:4907 81.93.163.115:80 TCP RST
110 2008-11-19 11:56:59 Peer TCP state out of order, sent TCP RST 192.168.1.245:4905 81.93.163.115:80 TCP RST
111 2008-11-19 11:56:58 Peer TCP state out of order, sent TCP RST 192.168.1.245:4953 81.93.163.115:80 TCP RST
112 2008-11-19 11:56:58 Peer TCP state out of order, sent TCP RST 192.168.1.245:4944 81.93.163.115:80 TCP RST
113 2008-11-19 11:56:58 Peer TCP state out of order, sent TCP RST 192.168.1.245:4943 81.93.163.115:80 TCP RST
114 2008-11-19 11:56:58 Peer TCP state out of order, sent TCP RST 192.168.1.245:4942 81.93.163.115:80 TCP RST
115 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4926 81.93.163.115:80 TCP RST
116 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4923 81.93.163.115:80 TCP RST
117 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4922 81.93.163.115:80 TCP RST
118 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4921 81.93.163.115:80 TCP RST
119 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4920 81.93.163.115:80 TCP RST
120 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4919 81.93.163.115:80 TCP RST
121 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4918 81.93.163.115:80 TCP RST
122 2008-11-19 11:56:57 Peer TCP state out of order, sent TCP RST 192.168.1.245:4917 81.93.163.115:80 TCP RST
123 2008-11-19 11:56:56 Peer TCP state out of order, sent TCP RST 192.168.1.245:4908 81.93.163.115:80 TCP RST
124 2008-11-19 11:56:13 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) 192.168.1.1 192.168.1.245 ACCESS PERMITTED
125 2008-11-19 11:56:13 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) 192.168.1.1 192.168.1.245 ACCESS PERMITTED
126 2008-11-19 11:56:13 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) 192.168.1.1 192.168.1.245 ACCESS PERMITTED
127 2008-11-19 11:55:17 Peer TCP state out of order, sent TCP RST 192.168.1.245:4861 81.93.163.115:80 TCP RST
128 2008-11-19 11:55:17 Peer TCP state out of order, sent TCP RST 192.168.1.245:4862 81.93.163.115:80 TCP RST
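A small triage script for the log format quoted above, added here as an example and not part of the original question or of any router vendor's tooling. It parses the index/timestamp/message/endpoint/verdict shape of these lines, groups events per source and destination to show how many connections one host opened to one port and over what time span, and counts how many distinct hosts received TTL-exceeded replies from each source; the embedded sample is a constructed subset of the lines in the question, with the asker's "xxx" masking kept.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

LOG_RE = re.compile(r"^\s*\d+\s+(\S+ \S+)\s+(.+?)\s+(\S+?)(?::(\d+))?\s+(\S+?)(?::(\d+))?"
                    r"\s+(TCP RST|ACCESS PERMITTED)\s*$")

def parse_line(line):
    """Parse one router log line (index, timestamp, message, src[:port], dst[:port], verdict); None for other shapes."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts, msg, src, sport, dst, dport, verdict = m.groups()
    return {"time": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), "msg": msg, "src": src,
            "sport": sport, "dst": dst, "dport": dport, "verdict": verdict}

def summarize(lines):
    """Group events per (message, src, dst[:port]) with count, distinct source ports and
    time span, so a burst of connections from one host stands out from background noise."""
    groups = defaultdict(list)
    for ev in filter(None, map(parse_line, lines)):
        groups[(ev["msg"], ev["src"], ev["dst"] + (":" + ev["dport"] if ev["dport"] else ""))].append(ev)
    rows = []
    for (msg, src, dst), evs in groups.items():
        times = [e["time"] for e in evs]
        rows.append({"msg": msg, "src": src, "dst": dst, "count": len(evs),
                     "ports": len({e["sport"] for e in evs if e["sport"]}),
                     "span_s": int((max(times) - min(times)).total_seconds())})
    return sorted(rows, key=lambda r: -r["count"])

def ttl_exceeded_by_source(lines):
    """Distinct destinations per source of 'Time to Live exceeded' replies."""
    seen = defaultdict(set)
    for ev in filter(None, map(parse_line, lines)):
        if "Time to Live exceeded" in ev["msg"]:
            seen[ev["src"]].add(ev["dst"])
    return Counter({src: len(d) for src, d in seen.items()})

# Constructed sample: five lines copied from the log in the question.
SAMPLE = """\
4  2008-11-19 12:12:51 DHCP server assigns IP:192.168.1.29 to kennethlaptop(00:0B:7D:18:13:D7).
11  2008-11-19 12:08:02 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) xxx.159.46.162 202.172.101.36 ACCESS PERMITTED
35  2008-11-19 12:07:54 Peer TCP state out of order, sent TCP RST 192.168.1.245:1226 81.93.163.115:80 TCP RST
37  2008-11-19 12:07:53 Peer TCP state out of order, sent TCP RST 192.168.1.245:1261 81.93.163.115:80 TCP RST
126 2008-11-19 11:56:13 Router reply ICMP packet: ICMP(Time to Live exceeded in Transit) 192.168.1.1 192.168.1.245 ACCESS PERMITTED
""".splitlines()
if __name__ == "__main__":
    for r in summarize(SAMPLE):
        print(f'{r["count"]}x {r["msg"]} {r["src"]} -> {r["dst"]} ({r["ports"]} src ports, {r["span_s"]}s)')
    print("TTL-exceeded replies, distinct destinations per source:", dict(ttl_exceeded_by_source(SAMPLE)))
```

Run it over the full log to see which LAN host generated the port-80 burst and which addresses the router answered with TTL-exceeded from its WAN IP; a 1:1 NAT host and the router's own WAN address show up as separate sources.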
ASKER CERTIFIED SOLUTION
Intrepidity (Norway)