1. Home
  2. Networking Firewalls
  3. MNW & Shaw Secure - "*.log" format

MNW & Shaw Secure - "*.log" format

-- 1. I have not succesfully to date been able to get "My Net Watchman" (MNW) to properly process the "SHAW Secure" .log files [which pull right into notepad] ?

  1. See any intrusion activity: ???

2005-08-05T15:55:28-07:00,info,appl control,unknown,allow,receive,17,64.59.184.13,0

2005-08-05T15:55:28-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,445,445,allow 2005-08-05T15:55:24-07:00,info,appl control,C:\\Program Files\\Shaw Secure\\backweb\\3875767\\Program\\fspex.exe,deny,listen,17,0.0.0.0,9370 2005-08-05T15:55:24-07:00,info,appl control,services.exe,deny,send,17,68.150.171.255,138 2005-08-05T15:55:25-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,deny,listen,17,0.0.0.0,0 2005-08-05T15:55:25-07:00,info,appl control,services.exe,deny,send,17,64.59.184.13,53 2005-08-05T15:55:25-07:00,info,appl control,services.exe,deny,send,17,64.59.184.13,53 2005-08-05T15:55:26-07:00,info,appl control,System,allow,send,17,68.150.171.255,138 2005-08-05T15:55:26-07:00,info,appl control,services.exe,deny,send,17,64.59.184.15,53 2005-08-05T15:55:26-07:00,info,appl control,services.exe,deny,send,17,64.59.184.15,53 2005-08-05T15:55:28-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,445,445,allow 2005-08-05T15:55:28-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,135,135,allow 2005-08-05T15:55:28-07:00,success,general,daemon,Firewall Daemon service started. 2005-08-05T15:55:31-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,58581,58581,allow 2005-08-05T15:55:31-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,64.59.184.15,53 2005-08-05T15:55:31-07:00,info,appl control,unknown,allow,send,17,68.150.171.255,138 2005-08-05T15:55:31-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,138 2005-08-05T15:55:31-07:00,info,appl control,C:\\WINNT\\system32\\lsass.exe,allow,listen,17,68.150.170.45,500 2005-08-05T15:55:31-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,500,500,allow 2005-08-05T15:55:31-07:00,info,appl control,C:\\WINNT\\system32\\lsass.exe,allow,listen,17,68.150.170.45,4500 2005-08-05T15:55:31-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,4500,4500,allow 2005-08-05T15:55:33-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,64.59.184.13,53 2005-08-05T15:55:36-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,68.150.171.255,137 2005-08-05T15:55:36-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,137 2005-08-05T15:55:37-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:38-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:39-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:39-07:00,info,appl control,unknown,allow,connect out,0,0.0.0.0,0 2005-08-05T15:55:39-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,12032,12032,allow 2005-08-05T15:55:40-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:41-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:42-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:42-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,68.150.171.255,138 2005-08-05T15:55:42-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,138 2005-08-05T15:55:43-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:44-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:45-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,listen,17,0.0.0.0,0 2005-08-05T15:55:45-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,1029,1029,allow 2005-08-05T15:55:45-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:46-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:55:46-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,137 2005-08-05T15:55:48-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,1029,1029,allow 2005-08-05T15:55:53-07:00,success,general,daemon,Policy file has been reloaded. 2005-08-05T15:55:53-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,58581,58581,allow 2005-08-05T15:55:53-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,58581,58581,allow 2005-08-05T15:55:54-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,138 2005-08-05T15:55:55-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,listen,17,0.0.0.0,0 2005-08-05T15:55:55-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,1030,1030,allow 2005-08-05T15:55:55-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,64.59.184.13,0 2005-08-05T15:55:55-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,1030,1030,allow 2005-08-05T15:55:55-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,140.112.217.129,889 2005-08-05T15:56:25-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,listen,17,0.0.0.0,0 2005-08-05T15:56:25-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,1032,1032,allow 2005-08-05T15:56:25-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,64.59.184.13,53 2005-08-05T15:56:25-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,64.59.184.13,0 2005-08-05T15:56:25-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,1032,1032,allow 2005-08-05T15:56:25-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,65.17.240.160,889 2005-08-05T15:56:39-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,listen,17,0.0.0.0,0 2005-08-05T15:56:39-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,1034,1034,allow 2005-08-05T15:56:39-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,64.59.184.13,0 2005-08-05T15:56:39-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,1034,1034,allow 2005-08-05T15:56:39-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,140.112.217.129,19899 2005-08-05T15:56:42-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,68.150.171.255,138 2005-08-05T15:56:42-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,138 2005-08-05T15:56:48-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,4500,4500,allow 2005-08-05T15:56:48-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,500,500,allow 2005-08-05T15:56:48-07:00,info,appl control,unknown,allow,send,17,68.150.171.255,138 2005-08-05T15:56:48-07:00,info,appl control,unknown,allow,send,17,68.150.171.255,137 2005-08-05T15:56:48-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,137 2005-08-05T15:59:04-07:00,info,appl control,unknown,allow,receive,17,68.150.170.45,138 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,445,445,allow 2005-08-05T15:59:00-07:00,info,appl control,services.exe,allow,send,17,68.150.171.255,138 2005-08-05T15:59:01-07:00,info,appl control,System,allow,send,17,68.150.171.255,138 2005-08-05T15:59:03-07:00,info,appl control,System,allow,send,17,68.150.171.255,138 2005-08-05T15:59:04-07:00,info,appl control,System,allow,send,17,68.150.171.255,138 2005-08-05T15:59:04-07:00,info,appl control,C:\\WINNT\\system32\\lsass.exe,allow,listen,17,68.150.170.45,500 2005-08-05T15:59:04-07:00,info,appl control,C:\\WINNT\\system32\\lsass.exe,allow,listen,17,68.150.170.45,4500 2005-08-05T15:59:05-07:00,info,appl control,C:\\WINNT\\system32\\svchost.exe,deny,listen,6,0.0.0.0,135 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,445,445,allow 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,68,68,allow 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,138,138,allow 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,137,137,allow 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,139,139,allow 2005-08-05T15:59:06-07:00,success,general,daemon,Firewall Daemon service started. 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,58581,58581,allow 2005-08-05T15:59:06-07:00,info,appl control,C:\\WINNT\\system32\\svchost.exe,allow,listen,6,0.0.0.0,135 2005-08-05T15:59:06-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,listen,17,0.0.0.0,0 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,135,135,allow 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,1026,1026,allow 2005-08-05T15:59:06-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,listen,17,0.0.0.0,0 2005-08-05T15:59:06-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,1027,1027,allow 2005-08-05T15:59:06-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,64.59.184.13,53 2005-08-05T15:59:06-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,64.59.184.13,53 2005-08-05T15:59:06-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,64.59.184.13,0 2005-08-05T15:59:06-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,1026,1026,allow 2005-08-05T15:59:07-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,59591,59591,allow 2005-08-05T15:59:07-07:00,info,appl control,unknown,allow,send,17,68.150.171.255,138 2005-08-05T15:59:07-07:00,info,appl control,C:\\WINNT\\system32\\winlogon.exe,allow,send,17,68.150.171.255,137 2005-08-05T15:59:07-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,137 2005-08-05T15:59:08-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,64.59.184.15,53 2005-08-05T15:59:08-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,64.59.184.15,0 2005-08-05T15:59:08-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:09-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,1027,1027,allow 2005-08-05T15:59:09-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,161.58.176.169,19899 2005-08-05T15:59:10-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,68.150.171.255,137 2005-08-05T15:59:10-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,listen,17,0.0.0.0,0 2005-08-05T15:59:10-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,1029,1029,allow 2005-08-05T15:59:10-07:00,info,dynamic rule,removed,0.0.0.0,255.255.255.255,0,65535,1029,1029,allow 2005-08-05T15:59:10-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,61.121.100.107,80 2005-08-05T15:59:10-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,61.121.100.107,80 2005-08-05T15:59:10-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:11-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:12-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:13-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:14-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:15-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:15-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,61.121.100.107,80 2005-08-05T15:59:16-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,send,17,68.150.171.255,138 2005-08-05T15:59:16-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,138 2005-08-05T15:59:16-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:17-07:00,info,appl control,,allow,send,17,68.150.171.255,137 2005-08-05T15:59:17-07:00,info,appl control,C:\\WINNT\\system32\\services.exe,allow,receive,17,68.150.170.45,137 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,listen,6,0.0.0.0,22286 2005-08-05T15:59:18-07:00,info,dynamic rule,added,0.0.0.0,255.255.255.255,0,65535,22286,22286,allow 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.219.18,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.218.251,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.63.140,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.168.25,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.13.171,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.159.118,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.114.60,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.216.204,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.64.90,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.165.235,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.11.124,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.7.4,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.112.13,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.216.154,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.62.44,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.163.188,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.8.78,135 2005-08-05T15:59:18-07:00,info,appl control,C:\\WINNT\\vsmom.exe,allow,connect out,6,68.150.113.219,135

regards......'Ole

----------------------------------------------------------- "Power always thinks it has a great soul and vast views beyond the comprehension of the weak; and that it is doing God's service when it is violating all His laws. Our passions...possess so much metaphysical subtlety and so much overpowering eloquence that they insinuate themselves into the understanding and the conscience and convert both to their party." --JOHN ADAMS

Reply to
'ole
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.