Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
408
Views
0
Helpful
1
Replies

pix syslog message definition

t.moxon
Level 1
Level 1

‎10-27-2003 09:43 PM - edited ‎02-20-2020 11:03 PM

Is this an inbound connection being built by outside address 10.36.24.31 to 208.222.141.30 on successive tcp port 4220... or on port 13577 Is this pc 10.36.24.31 infected? Its on vpn where connectivity is there but can run outlook or intranet web site.

Oct 27 17:57:14 [10.0.8.4.2.2] Oct 27 2003 19:02:15: %PIX-6-302002: Teardown TCP connection 19674279 faddr 10.36.24.31/4

220 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:14 [10.0.8.5.2.2] Oct 27 2003 19:00:28: %PIX-6-302002: Teardown TCP connection 19674279 faddr 10.36.24.31/4

220 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:15 [10.0.8.4.2.2] Oct 27 2003 19:02:15: %PIX-6-302001: Built inbound TCP connection 19674289 for faddr 10.3

6.24.31/4220 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:15 [10.0.8.5.2.2] Oct 27 2003 19:00:29: %PIX-6-302001: Built inbound TCP connection 19674288 for faddr 10.3

6.24.31/4220 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:15 [10.0.8.4.2.2] Oct 27 2003 19:02:16: %PIX-6-302002: Teardown TCP connection 19674289 faddr 10.36.24.31/4

220 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:15 [10.0.8.5.2.2] Oct 27 2003 19:00:29: %PIX-6-302002: Teardown TCP connection 19674289 faddr 10.36.24.31/4

220 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:15 [10.0.8.5.2.2] Oct 27 2003 19:00:30: %PIX-6-302001: Built inbound TCP connection 19674298 for faddr 10.3

6.24.31/4220 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:15 [10.0.8.4.2.2] Oct 27 2003 19:02:16: %PIX-6-302001: Built inbound TCP connection 19674299 for faddr 10.3

6.24.31/4220 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:16 [10.0.8.5.2.2] Oct 27 2003 19:00:30: %PIX-6-302002: Teardown TCP connection 19674299 faddr 10.36.24.31/4

220 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:16 [10.0.8.4.2.2] Oct 27 2003 19:02:17: %PIX-6-302002: Teardown TCP connection 19674299 faddr 10.36.24.31/4

220 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:20 [10.0.8.4.2.2] Oct 27 2003 19:02:21: %PIX-6-302001: Built inbound TCP connection 19674350 for faddr 10.3

6.24.31/4221 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:20 [10.0.8.5.2.2] Oct 27 2003 19:00:34: %PIX-6-302001: Built inbound TCP connection 19674348 for faddr 10.3

6.24.31/4221 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:20 [10.0.8.4.2.2] Oct 27 2003 19:02:21: %PIX-6-302002: Teardown TCP connection 19674350 faddr 10.36.24.31/4

221 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:20 [10.0.8.5.2.2] Oct 27 2003 19:00:34: %PIX-6-302002: Teardown TCP connection 19674350 faddr 10.36.24.31/4

221 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:21 [10.0.8.4.2.2] Oct 27 2003 19:02:22: %PIX-6-302001: Built inbound TCP connection 19674358 for faddr 10.3

6.24.31/4221 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:21 [10.0.8.5.2.2] Oct 27 2003 19:00:35: %PIX-6-302001: Built inbound TCP connection 19674357 for faddr 10.3

6.24.31/4221 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:21 [10.0.8.4.2.2] Oct 27 2003 19:02:22: %PIX-6-302002: Teardown TCP connection 19674358 faddr 10.36.24.31/4

221 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:21 [10.0.8.5.2.2] Oct 27 2003 19:00:36: %PIX-6-302002: Teardown TCP connection 19674358 faddr 10.36.24.31/4

221 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:22 [10.0.8.5.2.2] Oct 27 2003 19:00:37: %PIX-6-302001: Built inbound TCP connection 19674369 for faddr 10.3

6.24.31/4221 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:22 [10.0.8.4.2.2] Oct 27 2003 19:02:23: %PIX-6-302001: Built inbound TCP connection 19674370 for faddr 10.3

6.24.31/4221 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:22 [10.0.8.5.2.2] Oct 27 2003 19:00:37: %PIX-6-302002: Teardown TCP connection 19674370 faddr 10.36.24.31/4

221 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:22 [10.0.8.4.2.2] Oct 27 2003 19:02:23: %PIX-6-302002: Teardown TCP connection 19674370 faddr 10.36.24.31/4

221 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:27 [10.0.8.4.2.2] Oct 27 2003 19:02:28: %PIX-6-302001: Built inbound TCP connection 19674427 for faddr 10.3

6.24.31/4222 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:27 [10.0.8.5.2.2] Oct 27 2003 19:00:41: %PIX-6-302001: Built inbound TCP connection 19674426 for faddr 10.3

6.24.31/4222 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:27 [10.0.8.4.2.2] Oct 27 2003 19:02:28: %PIX-6-302002: Teardown TCP connection 19674427 faddr 10.36.24.31/4

222 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:27 [10.0.8.5.2.2] Oct 27 2003 19:00:41: %PIX-6-302002: Teardown TCP connection 19674427 faddr 10.36.24.31/4

222 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:28 [10.0.8.4.2.2] Oct 27 2003 19:02:29: %PIX-6-302001: Built inbound TCP connection 19674430 for faddr 10.3

6.24.31/4222 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:28 [10.0.8.5.2.2] Oct 27 2003 19:00:42: %PIX-6-302001: Built inbound TCP connection 19674429 for faddr 10.3

6.24.31/4222 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:28 [10.0.8.4.2.2] Oct 27 2003 19:02:29: %PIX-6-302002: Teardown TCP connection 19674430 faddr 10.36.24.31/4

222 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:28 [10.0.8.5.2.2] Oct 27 2003 19:00:42: %PIX-6-302002: Teardown TCP connection 19674430 faddr 10.36.24.31/4

222 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:28 [10.0.8.4.2.2] Oct 27 2003 19:02:29: %PIX-6-302001: Built inbound TCP connection 19674433 for faddr 10.3

6.24.31/4222 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:28 [10.0.8.5.2.2] Oct 27 2003 19:00:43: %PIX-6-302001: Built inbound TCP connection 19674432 for faddr 10.3

6.24.31/4222 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:29 [10.0.8.4.2.2] Oct 27 2003 19:02:30: %PIX-6-302002: Teardown TCP connection 19674433 faddr 10.36.24.31/4

222 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:29 [10.0.8.5.2.2] Oct 27 2003 19:00:43: %PIX-6-302002: Teardown TCP connection 19674433 faddr 10.36.24.31/4

222 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:33 [10.0.8.4.2.2] Oct 27 2003 19:02:34: %PIX-6-302001: Built inbound TCP connection 19674483 for faddr 10.3

6.24.31/4223 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:33 [10.0.8.5.2.2] Oct 27 2003 19:00:47: %PIX-6-302001: Built inbound TCP connection 19674482 for faddr 10.3

6.24.31/4223 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:33 [10.0.8.4.2.2] Oct 27 2003 19:02:34: %PIX-6-302002: Teardown TCP connection 19674483 faddr 10.36.24.31/4

223 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:33 [10.0.8.5.2.2] Oct 27 2003 19:00:47: %PIX-6-302002: Teardown TCP connection 19674483 faddr 10.36.24.31/4

223 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:34 [10.0.8.5.2.2] Oct 27 2003 19:00:48: %PIX-6-302001: Built inbound TCP connection 19674486 for faddr 10.3

6.24.31/4223 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:34 [10.0.8.4.2.2] Oct 27 2003 19:02:35: %PIX-6-302001: Built inbound TCP connection 19674487 for faddr 10.3

6.24.31/4223 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:34 [10.0.8.4.2.2] Oct 27 2003 19:02:35: %PIX-6-302002: Teardown TCP connection 19674487 faddr 10.36.24.31/4

223 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:34 [10.0.8.5.2.2] Oct 27 2003 19:00:48: %PIX-6-302002: Teardown TCP connection 19674487 faddr 10.36.24.31/4

223 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:35 [10.0.8.4.2.2] Oct 27 2003 19:02:36: %PIX-6-302001: Built inbound TCP connection 19674494 for faddr 10.3

6.24.31/4223 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

Oct 27 17:57:35 [10.0.8.5.2.2] Oct 27 2003 19:00:49: %PIX-6-302001: Built inbound TCP connection 19674492 for faddr 10.3

6.24.31/4223 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577

Oct 27 17:57:35 [10.0.8.5.2.2] Oct 27 2003 19:00:49: %PIX-6-302002: Teardown TCP connection 19674494 faddr 10.36.24.31/4

223 gaddr 10.36.24.31/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:35 [10.0.8.4.2.2] Oct 27 2003 19:02:36: %PIX-6-302002: Teardown TCP connection 19674494 faddr 10.36.24.31/4

223 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577 duration 0:00:00 bytes 0 (TCP Reset-I)

Oct 27 17:57:39 [10.0.8.4.2.2] Oct 27 2003 19:02:40: %PIX-6-302001: Built inbound TCP connection 19674522 for faddr 10.3

6.24.31/4224 gaddr 208.222.141.30/13577 laddr 208.222.141.30/13577

0 Helpful
1 Reply 1

umedryk
Level 5
Level 5

‎10-31-2003 12:05 PM

This looks like an inbound connection being built by outside address 10.36.24.31 to 208.222.141.30 on successive tcp port 4220.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card