Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX515 : Ver 6.3.(4)- Prot scan restriction

Hi All,

One of customers PIX logging "106023" messages every second. per cisco doc looks like port scan attack. As the source is varrying from various IPs, is there any way to restrict this..?

Thank you

MS

***************************************

Error Message %PIX|ASA-4-106023: Deny protocol src

[interface_name:source_address/source_port] dst

interface_name:dest_address/dest_port [type {string}, code {code}] by

access_group acl_ID

Explanation An IP packet was denied by the ACL. This message displays even if you do not have the log option enabled for an ACL.

Recommended Action : If messages persist from the same source address, messages might indicate a foot-printing or port-scanning attempt. Contact the remote host administrators.

***********************************

186
Views
0
Helpful
0
Replies