Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

show log

I make show logging. I see following message

Oct 24 11:18:57 MSK: %SEC-6-IPACCESSLOGP: list 105 denied udp 83.136.245.74(137) (FastEthernet0/0.200 000e.a6a2.572f) -> 192.168.1.50(137), 5 packets FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 7AFC 00B4 D5DD 3D82 1002 0601 0400 0100 0102 0280 0002 0202 00 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 7AFC 00B4 D5DD 3D82 1002 0601 0400 0100 0102 0280 0002 0202 00 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 7AFC 00B4 D5DD 3D82 1002 0601 0400 0100 0102 0280 0002 0202 00 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 7AFC 00B4 D5DD 3D82 1002 0601 0400 0100 0102 0280 0002 0202 00 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 7AFC 00B4 D5DD 3D82 1002 0601 0400 0100 0102 0280 0002 0202 00

What is this?

4 REPLIES
Community Member

Re: show log

It seems as if access list logging feature is enabled on the device.

Community Member

Re: show log

Yes, of course.

I use access-lists.

What means hexademical-codes after first prompt?

Community Member

Re: show log

Error Message

%SEC-6-IPACCESSLOGNP: list [dec] [chars] [dec] [inet] -> [inet], [dec] packet[chars]

Explanation A packet matching the log criteria for the given access list was detected.

Recommended Action Informational message only. No action required.

The hex looks like [chars]

Re: show log

Hi

As mentioned by other poster its the log enabled in conjunction with the Access list configured.

PORT 137 related to UDP or TCP mainly used by Blaster worm to propagate.

It also uses ports 135 and tftp ports too in addition to the above mentioned port.

Though its blocking the same i would suggest to chek and harden your local workstations with required patches also with latest antivirus updates in them.

regds

211
Views
0
Helpful
4
Replies
CreatePlease to create content