Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
General
Off-Topic
Suspicious ASDM Syslog Alerts
Edificer
March 17 2015,
TCP access denied by ACL from 125.39.106.153/33798 to outside: (ASA outside int IP)/23
Does that mean someone from the outside just tried to telnet into my ASA? :S We have a closed network communication
Also,
March 16 2015
[ Scanning ] drop rate-1 exceeded. Current burst rate is 10 per second, max configured rate is 10; current average rate is 15 per second, max configured rate is 5; Cumulative total count is 55916 (and rising fast)
I matched the VPN Endpoints SAs with Main to make sure there was not a mismatch between any of our Remote Sites and ran
debug crypto ipsec
, everything looked completely fine.
I actually saw two drop rates being exceeded yesterday, it lasted 4 hours! During the 4 hours, the Dropped Packets Rate was for ACL Dropped: 8 (every 10 minutes)
Find more posts tagged with
Comments
Edificer
Another one just came in:
TCP access denied by ACL from 115.231.218.147/9091 to outside: (ASA outside int IP)/22
And again,
TCP access denied by ACL from 222.100.112.158/42454 to outside: (ASA outside int IP)/23
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
