Hi,
It is the description in the Cisco Web.
If the message is showned too many,Is it a signal of attack ? Or other possible reason ?
Thanks !
2006-02-08 08:04:26 Local4.Info 10.54.2.2 %PIX-6-106015: Deny TCP (no connection) from 172.27.1.253/1061 to x.x.242.138/80 flags RST on interface inside
2006-02-08 08:04:26 Local4.Info 10.54.2.2 %PIX-6-106015: Deny TCP (no connection) from 172.27.1.253/1061 to x.x.242.138/80 flags RST on interface inside
2006-02-08 08:04:26 Local4.Info 10.54.2.2 %PIX-6-106015: Deny TCP (no connection) from 172.27.1.253/1061 to x.x7.242.138/80 flags RST on interface inside
2006-02-08 08:04:26 Local4.Info 10.54.2.2 %PIX-6-106015: Deny TCP (no connection) from 172.27.1.253/1061 to x.x.242.138/80 flags RST on interface inside
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a008051a0cd.html#wp1020204
106015
Error Message %PIX-6-106015: Deny TCP (no connection) from IP_address/port to
IP_address/port flags tcp_flags on interface interface_name.
Explanation This message is logged when the firewall discards a TCP packet that has no associated connection in the firewall unit's connection table. The firewall looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the firewall discards the packet.
Recommended Action None required unless the firewall receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.