Dear all,
My PIX 501 6.3.5 log shows these errors. Would someone be able to explain what these mean in layman's terms?

106021: Deny udp reverse path check from 192.168.255.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.81.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.255.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.81.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.255.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.81.1 to 62.140.29.51 on interface inside

My internal network uses 10.9.9.0/24 and there are no devices that should be connected inside using 192.168.x.x.
I decided to nmap the address 62.140.29.51 to see what sort of box it was:

135/tcp    filtered       msrpc
136/tcp    filtered       profile
137/tcp    filtered       netbios-ns
138/tcp    filtered       netbios-dgm
139/tcp    filtered       netbios-ssn
445/tcp    filtered       microsoft-ds
1025/tcp   open           NFS-or-IIS
4000/tcp   open           remoteanything
12000/tcp  open           cce4x
53/udp     open|filtered  domain
69/udp     open|filtered  tftp
135/udp    open|filtered  msrpc
136/udp    open|filtered  profile
137/udp    open|filtered  netbios-ns
138/udp    open|filtered  netbios-dgm
139/udp    open|filtered  netbios-ssn
161/udp    open|filtered  snmp
162/udp    open|filtered  snmptrap
177/udp    open|filtered  xdmcp
445/udp    open|filtered  microsoft-ds
500/udp    open|filtered  isakmp
1900/udp   open|filtered  UPnP
4500/udp   open|filtered  sae-urn
5000/udp   open|filtered  UPnP
5002/udp   open|filtered  rfe
5003/udp   open|filtered  filemaker
Device type: general purpose
Running: Microsoft Windows NT/2K/XP
OS details: Microsoft Windows 2000 SP3
Network Distance: 15 hops

OS detection performed. Please report any incorrect results at
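
Added example, not part of the original post: a short Python script that parses the 106021 records quoted above and counts denies on the inside interface whose source address lies outside the 10.9.9.0/24 network the post names. The function names are illustrative, and the sample input is the six records from the post plus one constructed non-matching line.

```python
import ipaddress
import re
from collections import Counter

# Record layout as seen in the log excerpt quoted in the post.
RPF_DENY = re.compile(
    r"106021: Deny (?P<proto>\S+) reverse path check "
    r"from (?P<src>[\d.]+) to (?P<dst>[\d.]+) on interface (?P<ifc>\w+)"
)

# Inside network stated in the post.
INSIDE_NET = ipaddress.ip_network("10.9.9.0/24")

# The six records from the post, plus one constructed line that must be ignored.
SAMPLE_LOG = """\
106021: Deny udp reverse path check from 192.168.255.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.81.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.255.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.81.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.255.1 to 62.140.29.51 on interface inside
106021: Deny udp reverse path check from 192.168.81.1 to 62.140.29.51 on interface inside
constructed noise line that is not a 106021 record
"""


def parse_rpf_denies(text):
    """Yield (proto, src, dst, interface) for every 106021 record in text."""
    # finditer also copes with several records run together on one line.
    for m in RPF_DENY.finditer(text):
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # malformed address, skip the record
        yield m["proto"], src, dst, m["ifc"]


def unexpected_inside_sources(text, inside_net=INSIDE_NET):
    """Count denies seen on 'inside' whose source is not in inside_net."""
    hits = Counter()
    for proto, src, dst, ifc in parse_rpf_denies(text):
        if ifc == "inside" and src not in inside_net:
            hits[(str(src), str(dst), proto)] += 1
    return hits


if __name__ == "__main__":
    for (src, dst, proto), n in unexpected_inside_sources(SAMPLE_LOG).most_common():
        print(f"{n}x {proto} {src} -> {dst}")
```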