Firewall log - Win 2008
My Windows 2008 Firewall log captured a record as follow:- # #Fields: date time action protocol src-ip dst-ip src-port dst-port size # tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path # 2012-07-23 20:29:12 DROP TCP 209.85.175.100 10.0.0.36 443 4981 48 SA # 966076498 3305605894 14300 - What does this tell me? Is this an incoming traffic trying to his the server? Thanks! MS.Siew
July 29th, 2012 10:01pm
Hi Siew, Thank you for the post. Yes, the log means firewall drop incoming TCP protocol packet from 209.85.175.100 (port 443) to 10.0.0.36(port 4981). If there are more inquiries on this issue, please feel free to let us know. RegardsRick Tan TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
July 31st, 2012 2:11am
Hi Siew, Thank you for the post. Yes, the log means firewall drop incoming TCP protocol packet from 209.85.175.100 (port 443) to 10.0.0.36(port 4981). If there are more inquiries on this issue, please feel free to let us know. RegardsRick Tan TechNet Community Support
July 31st, 2012 2:15am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics