Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1131
Views
0
Helpful
2
Replies

NAT Threat

pramod
Level 1
Level 1

‎02-06-2014 06:54 AM - edited ‎03-07-2019 06:03 PM

Dear All,

Please find the attached nat translation. unknown destination ports are seen. Is it a trojan? How to fix this. Its found on 2800 cisco router. If i give clear the transalation table manually its not clearing! it remains the same. let me know - rgds, pramod

Labels:
0 Helpful
2 Replies 2

John Blakley
VIP Alumni
VIP Alumni

‎02-06-2014 07:03 AM

I don't see the attachment...can you reattach?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful

pramod
Level 1
Level 1
In response to John Blakley

‎02-07-2014 06:45 AM

Please find the attached:

x.x.x.x - is the public ip interface of router

tcp X.X.X.X (public):1052 10.10.14.45:51358  176.227.207.242:80 176.227.207.242:80

tcp X.X.X.X (public):1053 10.10.14.45:51359  173.194.39.69:80   173.194.39.69:80

tcp X.X.X.X (public):51112 10.10.14.46:51112 212.119.24.129:80  212.119.24.129:80

tcp X.X.X.X (public):51113 10.10.14.46:51113 23.98.49.14:80     23.98.49.14:80

tcp X.X.X.X (public):1112 10.10.14.46:51114  81.52.205.153:80   81.52.205.153:80

tcp X.X.X.X (public):49969 10.10.14.52:49969 173.194.78.125:443 173.194.78.125:443

tcp X.X.X.X (public):50534 10.10.14.52:50534 212.88.109.48:443  212.88.109.48:443

udp X.X.X.X (public):10005 10.10.14.60:10005 1.9.101.10:45682   1.9.101.10:45682

udp X.X.X.X (public):10005 10.10.14.60:10005 1.22.202.51:60663  1.22.202.51:60663

udp X.X.X.X (public):10005 10.10.14.60:10005 1.162.102.194:18141 1.162.102.194:1814

1

udp X.X.X.X (public):10005 10.10.14.60:10005 1.168.19.58:55211  1.168.19.58:55211

udp X.X.X.X (public):10005 10.10.14.60:10005 5.9.43.107:51413   5.9.43.107:51413

udp X.X.X.X (public):10005 10.10.14.60:10005 5.12.254.187:30891 5.12.254.187:30891

udp X.X.X.X (public):10005 10.10.14.60:10005 5.13.91.159:63547  5.13.91.159:63547

udp X.X.X.X (public):10005 10.10.14.60:10005 5.13.223.54:14274  5.13.223.54:14274

udp X.X.X.X (public):10005 10.10.14.60:10005 5.15.176.165:65435 5.15.176.165:65435

udp X.X.X.X (public):10005 10.10.14.60:10005 5.69.132.222:52447 5.69.132.222:52447

Pro Inside global      Inside local       Outside local      Outside global

udp X.X.X.X (public):10005 10.10.14.60:10005 5.79.76.241:51416  5.79.76.241:51416

udp X.X.X.X (public):10005 10.10.14.60:10005 5.81.37.114:17925  5.81.37.114:17925

udp X.X.X.X (public):10005 10.10.14.60:10005 5.108.99.238:38940 5.108.99.238:38940

udp X.X.X.X (public):10005 10.10.14.60:10005 5.143.113.190:6881 5.143.113.190:6881

udp X.X.X.X (public):10005 10.10.14.60:10005 5.151.4.136:24874  5.151.4.136:24874

udp X.X.X.X (public):10005 10.10.14.60:10005 5.151.130.0:20365  5.151.130.0:20365

udp X.X.X.X (public):10005 10.10.14.60:10005 5.152.203.26:37881 5.152.203.26:37881

udp X.X.X.X (public):10005 10.10.14.60:10005 5.199.217.126:6881 5.199.217.126:6881

udp X.X.X.X (public):10005 10.10.14.60:10005 5.241.184.40:28829 5.241.184.40:28829

udp X.X.X.X (public):10005 10.10.14.60:10005 14.39.81.120:62314 14.39.81.120:62314

udp X.X.X.X (public):10005 10.10.14.60:10005 14.139.212.226:65381 14.139.212.226:65

381

udp X.X.X.X (public):10005 10.10.14.60:10005 14.162.173.225:57854 14.162.173.225:57

854

udp X.X.X.X (public):10005 10.10.14.60:10005 14.201.180.8:51413 14.201.180.8:51413

udp X.X.X.X (public):10005 10.10.14.60:10005 23.16.167.27:33474 23.16.167.27:33474

udp X.X.X.X (public):10005 10.10.14.60:10005 23.17.103.244:29972 23.17.103.244:2997

2

udp X.X.X.X (public):10005 10.10.14.60:10005 24.18.87.23:7716   24.18.87.23:7716

udp X.X.X.X (public):10005 10.10.14.60:10005 24.36.71.26:52350  24.36.71.26:52350

udp X.X.X.X (public):10005 10.10.14.60:10005 24.47.209.136:48838 24.47.209.136:4883

8

udp X.X.X.X (public):10005 10.10.14.60:10005 24.72.116.218:17737 24.72.116.218:1773

7

udp X.X.X.X (public):10005 10.10.14.60:10005 24.84.242.217:14701 24.84.242.217:1470

1

udp X.X.X.X (public):10005 10.10.14.60:10005 24.86.188.20:57274 24.86.188.20:57274

udp X.X.X.X (public):10005 10.10.14.60:10005 24.90.34.230:44822 24.90.34.230:44822

udp X.X.X.X (public):10005 10.10.14.60:10005 24.99.134.134:21733 24.99.134.134:2173

3

udp X.X.X.X (public):10005 10.10.14.60:10005 24.114.67.207:26005 24.114.67.207:2600

5

udp X.X.X.X (public):10005 10.10.14.60:10005 24.128.40.176:61137 24.128.40.176:6113

7

udp X.X.X.X (public):10005 10.10.14.60:10005 24.138.181.123:36374 24.138.181.123:36

374

udp X.X.X.X (public):10005 10.10.14.60:10005 24.147.202.235:43611 24.147.202.235:43

611

udp X.X.X.X (public):10005 10.10.14.60:10005 24.157.114.154:6881 24.157.114.154:688

1

udp X.X.X.X (public):10005 10.10.14.60:10005 24.171.234.2:31017 24.171.234.2:31017

udp X.X.X.X (public):10005 10.10.14.60:10005 24.185.132.12:43611 24.185.132.12:4361

1

udp X.X.X.X (public):10005 10.10.14.60:10005 24.202.247.41:51033 24.202.247.41:5103

3

udp X.X.X.X (public):10005 10.10.14.60:10005 24.232.138.138:51413 24.232.138.138:51

413

--More--

udp X.X.X.X (public):18427 10.10.30.179:18427 67.61.222.95:51259 67.61.222.95:51259

udp X.X.X.X (public):18427 10.10.30.179:18427 67.84.31.14:62348 67.84.31.14:62348

udp X.X.X.X (public):18427 10.10.30.179:18427 68.47.46.162:10643 68.47.46.162:10643

udp X.X.X.X (public):18427 10.10.30.179:18427 68.98.13.49:31178 68.98.13.49:31178

udp X.X.X.X (public):18427 10.10.30.179:18427 68.194.246.223:58684 68.194.246.223:5

8684

udp X.X.X.X (public):18427 10.10.30.179:18427 69.57.237.156:18684 69.57.237.156:186

84

udp X.X.X.X (public):18427 10.10.30.179:18427 69.80.10.236:48089 69.80.10.236:48089

udp X.X.X.X (public):18427 10.10.30.179:18427 69.141.58.153:25868 69.141.58.153:258

68

udp X.X.X.X (public):18427 10.10.30.179:18427 70.72.54.186:25522 70.72.54.186:25522

udp X.X.X.X (public):18427 10.10.30.179:18427 70.73.148.17:1500 70.73.148.17:1500

udp X.X.X.X (public):18427 10.10.30.179:18427 70.174.172.76:57732 70.174.172.76:577

32

udp X.X.X.X (public):18427 10.10.30.179:18427 70.190.201.240:51860 70.190.201.240:5

1860

udp X.X.X.X (public):18427 10.10.30.179:18427 71.23.64.66:17502 71.23.64.66:17502

udp X.X.X.X (public):18427 10.10.30.179:18427 71.49.104.228:38723 71.49.104.228:387

23

udp X.X.X.X (public):18427 10.10.30.179:18427 71.71.59.76:21664 71.71.59.76:21664

udp X.X.X.X (public):18427 10.10.30.179:18427 71.75.161.170:46454 71.75.161.170:464

54

udp X.X.X.X (public):18427 10.10.30.179:18427 71.229.13.206:11195 71.229.13.206:111

95

udp X.X.X.X (public):18427 10.10.30.179:18427 72.27.2.5:57433   72.27.2.5:57433

udp X.X.X.X (public):18427 10.10.30.179:18427 72.27.75.95:52825 72.27.75.95:52825

udp X.X.X.X (public):18427 10.10.30.179:18427 72.27.142.93:27973 72.27.142.93:27973

udp X.X.X.X (public):18427 10.10.30.179:18427 72.27.167.197:15423 72.27.167.197:154

23

udp X.X.X.X (public):18427 10.10.30.179:18427 72.27.214.99:23440 72.27.214.99:23440

udp X.X.X.X (public):18427 10.10.30.179:18427 72.49.61.128:18856 72.49.61.128:18856

udp X.X.X.X (public):18427 10.10.30.179:18427 72.252.154.45:18102 72.252.154.45:181

02

udp X.X.X.X (public):18427 10.10.30.179:18427 72.252.236.93:13366 72.252.236.93:133

66

udp X.X.X.X (public):18427 10.10.30.179:18427 74.73.9.252:50402 74.73.9.252:50402

udp X.X.X.X (public):18427 10.10.30.179:18427 74.192.171.49:22378 74.192.171.49:223

78

udp X.X.X.X (public):18427 10.10.30.179:18427 75.120.23.52:62348 75.120.23.52:62348

--More--

tcp X.X.X.X (public):54684 10.10.130.86:54684 61.12.169.43:15621 61.12.169.43:15621

tcp X.X.X.X (public):54685 10.10.130.86:54685 77.99.158.92:41234 77.99.158.92:41234

tcp X.X.X.X (public):54686 10.10.130.86:54686 142.177.59.206:12213 142.177.59.206:1

2213

tcp X.X.X.X (public):54688 10.10.130.86:54688 121.54.2.76:43611 121.54.2.76:43611

tcp X.X.X.X (public):54690 10.10.130.86:54690 175.137.91.14:19916 175.137.91.14:199

16

tcp X.X.X.X (public):54692 10.10.130.86:54692 75.18.241.119:44778 75.18.241.119:447

78

tcp X.X.X.X (public):54693 10.10.130.86:54693 50.178.213.31:51413 50.178.213.31:514

13

tcp X.X.X.X (public):54695 10.10.130.86:54695 77.194.136.214:52710 77.194.136.214:5

2710

tcp X.X.X.X (public):54697 10.10.130.86:54697 41.218.229.194:38389 41.218.229.194:3

8389

tcp X.X.X.X (public):54701 10.10.130.86:54701 84.208.242.0:11136 84.208.242.0:11136

tcp X.X.X.X (public):54702 10.10.130.86:54702 193.77.187.149:41265 193.77.187.149:4

1265

tcp X.X.X.X (public):1131 10.10.130.86:54704 202.152.86.225:23673 202.152.86.225:23

673

tcp X.X.X.X (public):54705 10.10.130.86:54705 37.142.220.138:42266 37.142.220.138:4

2266

tcp X.X.X.X (public):54706 10.10.130.86:54706 180.180.35.58:58300 180.180.35.58:583

00

tcp X.X.X.X (public):54708 10.10.130.86:54708 78.145.72.24:6881 78.145.72.24:6881

tcp X.X.X.X (public):54709 10.10.130.86:54709 98.248.107.58:31217 98.248.107.58:312

17

tcp X.X.X.X (public):54711 10.10.130.86:54711 75.94.237.115:33837 75.94.237.115:338

37

udp X.X.X.X (public):59858 10.10.130.196:59858 79.7.104.55:39932 79.7.104.55:39932

udp X.X.X.X (public):59858 10.10.130.196:59858 79.165.95.171:51413 79.165.95.171:51

413

udp X.X.X.X (public):59858 10.10.130.196:59858 81.206.252.146:27497 81.206.252.146:

27497

udp X.X.X.X (public):59858 10.10.130.196:59858 82.114.178.23:56219 82.114.178.23:56

219

udp X.X.X.X (public):59858 10.10.130.196:59858 82.114.178.72:56219 82.114.178.72:56

219

udp X.X.X.X (public):59858 10.10.130.196:59858 82.114.178.169:56219 82.114.178.169:

56219

udp X.X.X.X (public):59858 10.10.130.196:59858 82.114.178.218:31754 82.114.178.218:

31754

udp X.X.X.X (public):59858 10.10.130.196:59858 82.114.178.218:56219 82.114.178.218:

56219

udp X.X.X.X (public):59858 10.10.130.196:59858 82.180.25.86:6882 82.180.25.86:6882

udp X.X.X.X (public):59858 10.10.130.196:59858 83.149.19.181:58296 83.149.19.181:58

296

udp X.X.X.X (public):59858 10.10.130.196:59858 83.149.48.49:2300 83.149.48.49:2300

udp X.X.X.X (public):59858 10.10.130.196:59858 84.39.117.57:18498 84.39.117.57:1849

8

udp X.X.X.X (public):59858 10.10.130.196:59858 84.40.108.49:63922 84.40.108.49:6392

2

udp X.X.X.X (public):59858 10.10.130.196:59858 84.108.71.37:64413 84.108.71.37:6441

3

udp X.X.X.X (public):59858 10.10.130.196:59858 84.122.121.36:10523 84.122.121.36:10

523

udp X.X.X.X (public):59858 10.10.130.196:59858 85.172.162.39:65182 85.172.162.39:65

182

udp X.X.X.X (public):59858 10.10.130.196:59858 85.192.189.195:18852 85.192.189.195:

18852

udp X.X.X.X (public):59858 10.10.130.196:59858 86.71.176.127:61543 86.71.176.127:61

543

udp X.X.X.X (public):59858 10.10.130.196:59858 86.157.152.96:50813 86.157.152.96:50

813

udp X.X.X.X (public):59858 10.10.130.196:59858 87.69.88.99:51413 87.69.88.99:51413

udp X.X.X.X (public):59858 10.10.130.196:59858 87.207.66.197:49001 87.207.66.197:49

001

udp X.X.X.X (public):59858 10.10.130.196:59858 88.204.7.236:80  88.204.7.236:80

--More--

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card