possible fraud attempt and phising on my mail logs
spart cus
linux_spartacus at yahoo.com
Wed Feb 8 10:34:34 GMT 2006
hi guys,
found this logs on my mail server about possible fraud attempt and phising.
is this normal ?
Found ip-based phishing fraud from 10.2.0.0
Found ip-based phishing fraud from 255.255.255.255
Found ip-based phishing fraud from 10.1.0.0
Found ip-based phishing fraud from 255.255.255.255
. MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee
Sent: Wednesday, February 08, 2006 6:01 PM
- Show quoted text -
\n Subject: Fwd: 16 new messages in 8 topics \n - digest
\n
---------- Forwarded message ----------
From: comp.dcom.sys.cisco \n group <noreply at googlegroups.com>
Date: \n Feb 8, 2006 5:03 PM
Subject: 16 new messages in 8 topics - digest
To: \n "comp.dcom.sys.cisco digest subscribers" <comp.dcom.sys.cisco at googlegroups.com \n >
comp.dcom.sys.cisco
http://groups.google.com/group/comp.dcom.sys.cisco
comp.dcom.sys.cisco at googlegroups.com
Today\'s \n topics:
* getting in - 4 messages, 2 authors
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f48de60251014965 \n
* memory - 4 messages, 2 authors
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/235ec15b218debea \n
* Which switch? - 1 messages, 1 author
http://groups.google.com/group",1] ); //-->- Show quoted text -
Subject: Fwd: 16 new messages in 8 topics - digest
---------- Forwarded message ----------
From: comp.dcom.sys.cisco group <noreply at googlegroups.com>
Date: Feb 8, 2006 5:03 PM
Subject: 16 new messages in 8 topics - digest
To: "comp.dcom.sys.cisco digest subscribers" <comp.dcom.sys.cisco at googlegroups.com >
comp.dcom.sys.cisco
http://groups.google.com/group/comp.dcom.sys.cisco
comp.dcom.sys.cisco at googlegroups.com
Today's topics:
* getting in - 4 messages, 2 authors
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f48de60251014965
* memory - 4 messages, 2 authors
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/235ec15b218debea
* Which switch? - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/a6263c2a6cf2f5ab \n
* Definitive max flash/DRAM for a 2621 non-XM - 1 messages, 1 \n author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f7c8f2baa300293e \n
* C3750 Layer 3 Switching and VLANs - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d9a76f870e6b9fd0 \n
* PIX to PIX VPN problem - 3 messages, 2 authors
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d8ca3eca037301b1 \n
* AP1200 wds server hanging - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/ebddeedf52725a9 \n
* IOS for 1401. - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f0db579a12642f33 \n
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
TOPIC: \n getting in
",1] ); //-->/comp.dcom.sys.cisco/browse_thread/thread/a6263c2a6cf2f5ab
* Definitive max flash/DRAM for a 2621 non-XM - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f7c8f2baa300293e
* C3750 Layer 3 Switching and VLANs - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d9a76f870e6b9fd0
* PIX to PIX VPN problem - 3 messages, 2 authors
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d8ca3eca037301b1
* AP1200 wds server hanging - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/ebddeedf52725a9
* IOS for 1401. - 1 messages, 1 author
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f0db579a12642f33
==============================================================================
TOPIC: getting in
/comp.dcom.sys.cisco/browse_thread/thread/f48de60251014965 \n
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
\u003d\u003d \n 1 of 4 \u003d\u003d
Date: Wed, Feb 8 2006 4:16am
From: roberson at hushmail.com (Walter \n Roberson)
In article <1139371420.774575.279580 at f14g2000cwb.googlegroups.com>,
<fatlobsterman at yahoo.com > \n wrote:
[PIX 515E]
>thanks for replying so wuickly. I don\'t even \n know how to do that. I
>have it hooked to my pc but I heard that I have \n to match ip addresses
>and telnet which is way beyong my knowledge. Is \n it a big deal to do all
>of this?
Take the serial cable you got \n with the PIX 515E. Connect it to
a serial port on your PC. Plug the RJ45 \n end into the "console" connection
on the 515E. If you don\'t know which one \n that is, look at the
diagram at
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/hig63/515.htm#wp1037358
Then \n on your PC, fire up Hyperterm and set it to use the appropriate
COM port at \n 9600 8 N 1. Now press return in the Hyperterm window.
Alternately, \n follow the instructions in chapter 3 of the Quick Start
Guide at
http://www.cisco.com/univercd",1] ); //-->http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f48de60251014965
==============================================================================
== 1 of 4 ==
Date: Wed, Feb 8 2006 4:16am
From: roberson at hushmail.com (Walter Roberson)
In article <1139371420.774575.279580 at f14g2000cwb.googlegroups.com>,
<fatlobsterman at yahoo.com > wrote:
[PIX 515E]
>thanks for replying so wuickly. I don't even know how to do that. I
>have it hooked to my pc but I heard that I have to match ip addresses
>and telnet which is way beyong my knowledge. Is it a big deal to do all
>of this?
Take the serial cable you got with the PIX 515E. Connect it to
a serial port on your PC. Plug the RJ45 end into the "console" connection
on the 515E. If you don't know which one that is, look at the
diagram at
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/hig63/515.htm#wp1037358
Then on your PC, fire up Hyperterm and set it to use the appropriate
COM port at 9600 8 N 1. Now press return in the Hyperterm window.
Alternately, follow the instructions in chapter 3 of the Quick Start
Guide at
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63qsg/515quick.pdf
\u003d\u003d \n 2 of 4 \u003d\u003d
Date: Tues, Feb 7 2006 8:35pm
From: fatlobsterman at yahoo.com
are \n you referring to using the pcterminal adapter with the rj45into the
console \n like in figure 4-7?
\u003d\u003d 3 of 4 \u003d\u003d
Date: Tues, Feb 7 2006 \n 8:56pm
From: fatlobsterman at yahoo.com
I \n think I may be in if that is the way that you were referring to. I
used \n com3 with the other info you gave me and hyperterminal says
connected but \n show version does nothering- what else can I do?\\
\u003d\u003d 4 of 4 \n \u003d\u003d
Date: Wed, Feb 8 2006 6:15am
From: roberson at hushmail.com (Walter \n Roberson)
In article <1139374576.472587.175160 at o13g2000cwo.googlegroups.com>,
< fatlobsterman at yahoo.com> \n wrote:
[PIX 515E]
>I think I may be in if that is the way that \n you were referring to.
I don\'t use googlegroups for actively reading \n postings (only
when I am researching old postings), so your previous \n postings
are not visible on my screen. It would therefore be \n appreciated
if you would follow the Usenet convention of quoting enough \n of
the previous conversation to establish the context of your \n remarks.
For example if you go back and re-read your message in \n isolation,
you will see that there is no reference present as to what \n kind",1] ); //-->/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63qsg/515quick.pdf
== 2 of 4 ==
Date: Tues, Feb 7 2006 8:35pm
From: fatlobsterman at yahoo.com
are you referring to using the pcterminal adapter with the rj45into the
console like in figure 4-7?
== 3 of 4 ==
Date: Tues, Feb 7 2006 8:56pm
From: fatlobsterman at yahoo.com
I think I may be in if that is the way that you were referring to. I
used com3 with the other info you gave me and hyperterminal says
connected but show version does nothering- what else can I do?\
== 4 of 4 ==
Date: Wed, Feb 8 2006 6:15am
From: roberson at hushmail.com (Walter Roberson)
In article <1139374576.472587.175160 at o13g2000cwo.googlegroups.com>,
< fatlobsterman at yahoo.com> wrote:
[PIX 515E]
>I think I may be in if that is the way that you were referring to.
I don't use googlegroups for actively reading postings (only
when I am researching old postings), so your previous postings
are not visible on my screen. It would therefore be appreciated
if you would follow the Usenet convention of quoting enough of
the previous conversation to establish the context of your remarks.
For example if you go back and re-read your message in isolation,
you will see that there is no reference present as to what kindof device you are using -- that\'s why I stuck the "[PIX 515E]" \n in,
to give back that necessary context.
>I used com3 with \n the other info you gave me and hyperterminal says
>connected but show \n version does nothering- what else can I do?\\
You haven\'t provided any \n information about what kind of
PC you are using or how it is set up, so I \n will have to make
wild guesses here.
In most PCs that I have seen, \n COM3 is either not connected at all,
or is a modem port; the standard \n serial ports that are connected
are COM1 and COM2. On most laptops that I \n have seen, the standard
serial ports are COM1 and COM3 with COM2 not \n present, and COM3
usually being a modem port. So, lacking further \n information, I
would -suspect- that you have used the wrong COM port number \n and
that if you are talking to anything, you are talking to a \n modem.
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
TOPIC: \n memory
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/235ec15b218debea \n
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
\u003d\u003d \n 1 of 4 \u003d\u003d
Date: Tues, Feb 7 2006 8:18pm
From: fatlobsterman at yahoo.com
I \n have 2 pix- one is a 515e-UR and the other is 515e-FO. I don\'t even
know \n how to get into the pix. I have it hooked up to my PC but I am
clueless \n when it comes to these. Is there a place where I can go or
could you \n possibly help me get it to get that information. I was told
that I have to \n set up the same ips and telnet but again, I\'m clueless
when it comes to \n this but I do know my way around PCs very well just to",1] ); //-->
of device you are using -- that's why I stuck the "[PIX 515E]" in,
to give back that necessary context.
>I used com3 with the other info you gave me and hyperterminal says
>connected but show version does nothering- what else can I do?\
You haven't provided any information about what kind of
PC you are using or how it is set up, so I will have to make
wild guesses here.
In most PCs that I have seen, COM3 is either not connected at all,
or is a modem port; the standard serial ports that are connected
are COM1 and COM2. On most laptops that I have seen, the standard
serial ports are COM1 and COM3 with COM2 not present, and COM3
usually being a modem port. So, lacking further information, I
would -suspect- that you have used the wrong COM port number and
that if you are talking to anything, you are talking to a modem.
==============================================================================
TOPIC: memory
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/235ec15b218debea
==============================================================================
== 1 of 4 ==
Date: Tues, Feb 7 2006 8:18pm
From: fatlobsterman at yahoo.com
I have 2 pix- one is a 515e-UR and the other is 515e-FO. I don't even
know how to get into the pix. I have it hooked up to my PC but I am
clueless when it comes to these. Is there a place where I can go or
could you possibly help me get it to get that information. I was told
that I have to set up the same ips and telnet but again, I'm clueless
when it comes to this but I do know my way around PCs very well just togive you an idea of \n my knowledge.
thanks
\u003d\u003d 2 of 4 \u003d\u003d
Date: Tues, \n Feb 7 2006 8:54pm
From: fatlobsterman at yahoo.com
I \n think that I am logged in b/c hypertermal is saying I\'m connected- I
used \n the serial to rj45 to the console on the back- I used com 3 is
that \n alright? maybe it is since I am connected but I tried shpow
version in the \n hyperterminal window and nothing happens
\u003d\u003d 3 of 4 \n \u003d\u003d
Date: Tues, Feb 7 2006 8:54pm
From: fatlobsterman at yahoo.com
I \n think that I am logged in b/c hypertermal is saying I\'m connected- I
used \n the serial to rj45 to the console on the back- I used com 3 is
that \n alright? maybe it is since I am connected but I tried shpow
version in the \n hyperterminal window and nothing happens
\u003d\u003d 4 of 4 \n \u003d\u003d
Date: Tues, Feb 7 2006 10:07pm
From: "J"
Honestly I don\'t know \n if I could walk you through this. Connecting to
the console \n could be an all day speaking event for some people. Do you
have \n the right cable, a serial port or USB adapter, and DB9 adapter \n if
applicable? What COM port are you on. Are you \n using the 9600 8N1
settings? Do you know the password for the \n device? Do you have the
necessary file to attempt password \n recovery? There are too many
unknowns for me to be of any real \n assistance. I googled for "cisco
console howto" and found a few \n useful hits.
http://www.google.com/search?hl\u003den&q\u003dcisco+console+howto&btnG\u003dGoogle+Search
Setting \n up a Pix is certainly not a trivial manner. I recommend ",1] ); //-->
give you an idea of my knowledge.
thanks
== 2 of 4 ==
Date: Tues, Feb 7 2006 8:54pm
From: fatlobsterman at yahoo.com
I think that I am logged in b/c hypertermal is saying I'm connected- I
used the serial to rj45 to the console on the back- I used com 3 is
that alright? maybe it is since I am connected but I tried shpow
version in the hyperterminal window and nothing happens
== 3 of 4 ==
Date: Tues, Feb 7 2006 8:54pm
From: fatlobsterman at yahoo.com
I think that I am logged in b/c hypertermal is saying I'm connected- I
used the serial to rj45 to the console on the back- I used com 3 is
that alright? maybe it is since I am connected but I tried shpow
version in the hyperterminal window and nothing happens
== 4 of 4 ==
Date: Tues, Feb 7 2006 10:07pm
From: "J"
Honestly I don't know if I could walk you through this. Connecting to
the console could be an all day speaking event for some people. Do you
have the right cable, a serial port or USB adapter, and DB9 adapter if
applicable? What COM port are you on. Are you using the 9600 8N1
settings? Do you know the password for the device? Do you have the
necessary file to attempt password recovery? There are too many
unknowns for me to be of any real assistance. I googled for "cisco
console howto" and found a few useful hits.
http://www.google.com/search?hl=en&q=cisco+console+howto&btnG=Google+Search
Setting up a Pix is certainly not a trivial manner. I recommend finding \n a person qualified to take on the task. I could write a book
on \n nothing but Pix basics and still not cover everything you \n should
know. Someone else may be able to provide better input \n than I. Best
of \n luck.
J
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
TOPIC: \n Which switch?
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/a6263c2a6cf2f5ab
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
\u003d\u003d \n 1 of 1 \u003d\u003d
Date: Tues, Feb 7 2006 8:28pm
From: "www.BradReese.Com"
Andrew,
The \n 2005 Cisco Product Guide has a good matrix:
http://www.bradreese.com/2005-cisco-guide.htm \n
Found at Cisco Product Guides:
http://www.bradreese.com/refurbished-cisco-product-guide.htm
Sincerely,
Brad \n Reese
BradReese.Com Cisco Engineers
http://www.BradReese.Com
1293 \n Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
USA \n & Canada: 877-549-2680
International: 828-277-7272 \n
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
TOPIC: \n Definitive max flash/DRAM for a 2621 non-XM
",1] ); //-->
finding a person qualified to take on the task. I could write a book
on nothing but Pix basics and still not cover everything you should
know. Someone else may be able to provide better input than I. Best
of luck.
J
==============================================================================
TOPIC: Which switch?
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/a6263c2a6cf2f5ab
==============================================================================
== 1 of 1 ==
Date: Tues, Feb 7 2006 8:28pm
From: "www.BradReese.Com"
Andrew,
The 2005 Cisco Product Guide has a good matrix:
http://www.bradreese.com/2005-cisco-guide.htm
Found at Cisco Product Guides:
http://www.bradreese.com/refurbished-cisco-product-guide.htm
Sincerely,
Brad Reese
BradReese.Com Cisco Engineers
http://www.BradReese.Com
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
USA & Canada: 877-549-2680
International: 828-277-7272
==============================================================================
TOPIC: Definitive max flash/DRAM for a 2621 non-XM
/comp.dcom.sys.cisco/browse_thread/thread/f7c8f2baa300293e
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
\u003d\u003d \n 1 of 1 \u003d\u003d
Date: Tues, Feb 7 2006 8:44pm
From: "J"
I thought for \n sure the 2621 I had was an XM but apparently it\'s not.
I\'m not sure how I \n missed it but I did. I need to be able to run a
PPPoE client on \n this guy. Unfortunately it looks like that feature is
only \n found in the advanced entreprise services code which require 96MB
DRAM and \n 32MB flash for 12.3. This 2621 is running \n 64/16. I\'ve
researched the max resources for the 2621 on both \n Google and Cisco\'s
website and have gotten mixed results. What\'s \n the definitive maximum
flash and DRAM for this router?
Does anyone \n else have any ideas for running a PPPoE client on this
router rather than \n running \n c2600-adventerprisek9-mz.123-4.xd1?
Thanks
J
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d \n
TOPIC: C3750 Layer 3 Switching and VLANs
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d9a76f870e6b9fd0 \n
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
\u003d\u003d \n 1 of 1 \u003d\u003d
Date: Tues, Feb 7 2006 8:45pm
From: "NETADMIN"
Hi \n Lutz..
>>Hi Lutz - thanks a million for the reply - I was looking \n into VACLs and
>>all sorts - didn\'t think it was as easy as that! I \n am just wondering if
>>you could also provide an example on \n configuring the L3 part of the
>>switch?
Is posted ",1] ); //-->http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/f7c8f2baa300293e
==============================================================================
== 1 of 1 ==
Date: Tues, Feb 7 2006 8:44pm
From: "J"
I thought for sure the 2621 I had was an XM but apparently it's not.
I'm not sure how I missed it but I did. I need to be able to run a
PPPoE client on this guy. Unfortunately it looks like that feature is
only found in the advanced entreprise services code which require 96MB
DRAM and 32MB flash for 12.3. This 2621 is running 64/16. I've
researched the max resources for the 2621 on both Google and Cisco's
website and have gotten mixed results. What's the definitive maximum
flash and DRAM for this router?
Does anyone else have any ideas for running a PPPoE client on this
router rather than running c2600-adventerprisek9-mz.123-4.xd1?
Thanks
J
==============================================================================
TOPIC: C3750 Layer 3 Switching and VLANs
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d9a76f870e6b9fd0
==============================================================================
== 1 of 1 ==
Date: Tues, Feb 7 2006 8:45pm
From: "NETADMIN"
Hi Lutz..
>>Hi Lutz - thanks a million for the reply - I was looking into VACLs and
>>all sorts - didn't think it was as easy as that! I am just wondering if
>>you could also provide an example on configuring the L3 part of the
>>switch?
Is posted not by \n me
Thanks,
NETADMIN
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
TOPIC: \n PIX to PIX VPN problem
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d8ca3eca037301b1
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d
\u003d\u003d \n 1 of 3 \u003d\u003d
Date: Wed, Feb 8 2006 5:00am
From: John Scholvin
In \n article <BVaGf.581257$ki.478851 at pd7tw2no>,
Walter Roberson <roberson at hushmail.com> \n wrote:
>No, when you are ssh\'d in and you use \'debug\' commands, the \n output goes
>to your ssh session. You might possibly need to adjust \n the
>"logging monitor" level but I don\'t think so.
Weird...this \n never worked for me. I tried turning on all kinds of debug and
saw none of \n it in my ssh session. But I did manage to use "logging console"
to see \n some debug output on the console port, so I made progress on my \n problem.
I\'ll have to come back to this after I solve the more pressing \n crisis...
Thanks,
john
--
John \n Scholvin -- john at scholvin.com -- an \n E7b5#9 man in an F major world
\u003d\u003d 2 of 3 \u003d\u003d
Date: Wed, Feb 8 \n 2006 5:29am
From: John Scholvin
In article < \n ds8duj$1bu$1 at chessie.cirr.com>,
John Scholvin <",1] ); //-->ryanfinne... at hotmail.com not by me
Thanks,
NETADMIN
==============================================================================
TOPIC: PIX to PIX VPN problem
http://groups.google.com/group/comp.dcom.sys.cisco/browse_thread/thread/d8ca3eca037301b1
==============================================================================
== 1 of 3 ==
Date: Wed, Feb 8 2006 5:00am
From: John Scholvin
In article <BVaGf.581257$ki.478851 at pd7tw2no>,
Walter Roberson <roberson at hushmail.com> wrote:
>No, when you are ssh'd in and you use 'debug' commands, the output goes
>to your ssh session. You might possibly need to adjust the
>"logging monitor" level but I don't think so.
Weird...this never worked for me. I tried turning on all kinds of debug and
saw none of it in my ssh session. But I did manage to use "logging console"
to see some debug output on the console port, so I made progress on my problem.
I'll have to come back to this after I solve the more pressing crisis...
Thanks,
john
--
John Scholvin -- john at scholvin.com -- an E7b5#9 man in an F major world
== 2 of 3 ==
Date: Wed, Feb 8 2006 5:29am
From: John Scholvin
In article < ds8duj$1bu$1 at chessie.cirr.com>,
John Scholvin <> \n wrote:
>
>I am trying to establish a VPN tunnel between 2 PIX \n 506E\'s. This is, for
>now, as straightforward a setup as there could \n be:
>
>private LAN 1 --- PIX 1 ----- internet ----- PIX 2 ----- \n private LAN 2
>
>The problem is that the pixen don\'t seem to even \n want to get to phase 1
>negotiations. "show isakmp sa" \n returns 0 associations on both sides.
OK, I worked around the weird \n debug problem I had (thanks for the tips!) and
now I have the two pixes \n connected through isakmp phase II. But they still
won\'t pass \n traffic.
Here\'s is my theory. One of the pixes handles incoming VPN \n client connections
in addition to the "dedicated" connection to the other \n pix. Looking at the output
from "show ipsec sa" on that dual-purpose pix, I \n see something funny right at the
top:
interface: \n outside
",1] ); //-->john at scholvin.com.REMOVETHIS> wrote:
>
>I am trying to establish a VPN tunnel between 2 PIX 506E's. This is, for
>now, as straightforward a setup as there could be:
>
>private LAN 1 --- PIX 1 ----- internet ----- PIX 2 ----- private LAN 2
>
>The problem is that the pixen don't seem to even want to get to phase 1
>negotiations. "show isakmp sa" returns 0 associations on both sides.
OK, I worked around the weird debug problem I had (thanks for the tips!) and
now I have the two pixes connected through isakmp phase II. But they still
won't pass traffic.
Here's is my theory. One of the pixes handles incoming VPN client connections
in addition to the "dedicated" connection to the other pix. Looking at the output
from "show ipsec sa" on that dual-purpose pix, I see something funny right at the
top:
interface: outside
Crypto map tag: CRYPTO_MAP, local addr. MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical \n links are often malicious: ee.ee.ee.ee
\n local ident (addr/mask/prot/port): (MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: \n numerical links are often malicious: 10.1.0.0/255.255.0.0/0/0 \n )
remote ident (addr/mask/prot/port): (MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner warning: \n numerical links are often malicious: \n 10.2.0.0/255.255.0.0/0/0)
current_peer: MailScanner has detected a possible fraud attempt from "cc.cc.cc.cc:500" claiming to be MailScanner warning: \n numerical links are often malicious: \n cc.cc.cc.cc:500
dynamic allocated peer ip: MailScanner has detected a possible fraud attempt from "0.0.0.0" claiming to be MailScanner warning: numerical links \n are often malicious: 0.0.0.0
",1] ); //--> Crypto map tag: CRYPTO_MAP, local addr. MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee
local ident (addr/mask/prot/port): (MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.1.0.0/255.255.0.0/0/0 )
remote ident (addr/mask/prot/port): (MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.2.0.0/255.255.0.0/0/0)
current_peer: MailScanner has detected a possible fraud attempt from "cc.cc.cc.cc:500" claiming to be MailScanner warning: numerical links are often malicious: cc.cc.cc.cc:500
dynamic allocated peer ip: MailScanner has detected a possible fraud attempt from "0.0.0.0" claiming to be MailScanner warning: numerical links are often malicious: 0.0.0.0
MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical \n links are often malicious: ee.ee.ee.ee and MailScanner has detected a possible fraud attempt from "cc.cc.cc.cc" claiming to be MailScanner warning: numerical \n links are often malicious: cc.cc.cc.cc are the public IPs of \n the pixes)",1] ); D(["mb","
That dynamically allocated peer doesn\'t make sense to me. \n The other pix
doesn\'t have that line in the output. I\'m guessing I have \n somehow
butchered the config of the crypto map and it\'s confusing this peer \n with the
VPN clients. The config of this pix is below, hopefully someone \n here can spot
the problem.
Summary:
",1] ); //-->(MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee and MailScanner has detected a possible fraud attempt from "cc.cc.cc.cc" claiming to be MailScanner warning: numerical links are often malicious: cc.cc.cc.cc are the public IPs of the pixes)
That dynamically allocated peer doesn't make sense to me. The other pix
doesn't have that line in the output. I'm guessing I have somehow
butchered the config of the crypto map and it's confusing this peer with the
VPN clients. The config of this pix is below, hopefully someone here can spot
the problem.
Summary:
MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: \n numerical links are often malicious: ee.ee.ee.ee), one in \n Chicago (MailScanner has detected a possible fraud attempt from "cc.cc.cc.cc" claiming to be MailScanner warning: \n numerical links are often malicious: cc.cc.cc.cc)",1] ); D(["mb","
* the pix \n in Evanston also handles incoming VPN client connections
",1] ); //-->* one pix is in Evanston (public=MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee), one in Chicago (MailScanner has detected a possible fraud attempt from "cc.cc.cc.cc" claiming to be MailScanner warning: numerical links are often malicious: cc.cc.cc.cc)
* the pix in Evanston also handles incoming VPN client connections
MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner \n warning: numerical links are often malicious: 10.1.0.0/16 and \n MailScanner has detected a possible fraud attempt from "192.168.0.0" claiming to be MailScanner warning: \n numerical links are often malicious: 192.168.0.0/24; and \n Chicago\'s is MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner \n warning: numerical links are often malicious: \n 10.2.0.0/16",1] ); //-->* the Evanston private lans are MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.1.0.0/16 and MailScanner has detected a possible fraud attempt from "192.168.0.0" claiming to be MailScanner warning: numerical links are often malicious: 192.168.0.0/24; and Chicago's is MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner
warning: numerical links are often malicious: 10.2.0.0/16- Show quoted text -
Thanks in advance if anyone can spot the problem here. \n
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 \n auto
nameif ethernet0 outside security0
nameif ethernet1 inside \n security100
enable password ** encrypted
passwd ** encrypted
hostname \n pix-evn
domain-name **
clock timezone CST -6
clock summer-time CDT \n recurring
fixup protocol dns maximum-length 700
fixup protocol ftp \n 21
fixup protocol h323 h225 1720
fixup protocol h323 ras \n 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup \n protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp \n 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol \n sqlnet 1521
fixup protocol tftp 69
",1] ); D(["mb","name MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical \n links are often malicious: ee.ee.ee.ee vpn-evn",1] ); //-->- Show quoted text -
Thanks in advance if anyone can spot the problem here.
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password ** encrypted
passwd ** encrypted
hostname pix-evn
domain-name **
clock timezone CST -6
clock summer-time CDT recurring
fixup protocol dns maximum-length 700
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
name MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee vpn-evn
object-group \n icmp-type icmp_traffic
icmp-object \n echo-reply
icmp-object source-quench
icmp-object \n unreachable
icmp-object time-exceeded
access-list PERMIT_IN \n permit icmp any any object-group icmp_traffic
",1] ); //-->
object-group icmp-type icmp_traffic
icmp-object echo-reply
icmp-object source-quench
icmp-object unreachable
icmp-object time-exceeded
access-list PERMIT_IN permit icmp any any object-group icmp_traffic
access-list PERMIT_IN permit \n tcp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner \n warning: numerical links are often malicious: ee.ee.ee.ee eq \n ssh
access-list PERMIT_IN permit tcp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical \n links are often malicious: ee.ee.ee.ee eq www
access-list \n PERMIT_IN permit tcp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often \n malicious: ee.ee.ee.ee eq https
access-list PERMIT_IN permit \n udp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner \n warning: numerical links are often malicious: ee.ee.ee.ee eq \n isakmp
access-list PERMIT_IN permit ah any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical \n links are often malicious: ee.ee.ee.ee
access-list PERMIT_IN \n permit esp any host ",1] ); //-->access-list PERMIT_IN permit tcp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee eq ssh
access-list PERMIT_IN permit tcp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee eq www
access-list PERMIT_IN permit tcp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee eq https
access-list PERMIT_IN permit udp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee eq isakmp
access-list PERMIT_IN permit ah any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee
access-list PERMIT_IN permit esp any host MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often \n malicious: ee.ee.ee.ee
access-list NONAT permit ip MailScanner has detected a possible fraud attempt from "192.168.0.0" claiming to be MailScanner warning: numerical \n links are often malicious: 192.168.0.0 MailScanner has detected a possible fraud attempt from "255.255.255.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.255.0 MailScanner has detected a possible fraud attempt from "10.1.250.0" claiming to be MailScanner warning: numerical \n links are often malicious: 10.1.250.0 MailScanner has detected a possible fraud attempt from "255.255.255.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.255.0
access-list NONAT \n permit ip MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: \n numerical links are often malicious: 10.1.0.0 ",1] ); //-->MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee
access-list NONAT permit ip MailScanner has detected a possible fraud attempt from "192.168.0.0" claiming to be MailScanner warning: numerical links are often malicious: 192.168.0.0 MailScanner has detected a possible fraud attempt from "255.255.255.0" claiming to be MailScanner warning: numerical links are often malicious: 255.255.255.0 MailScanner has detected a possible fraud attempt from "10.1.250.0" claiming to be MailScanner warning: numerical links are often malicious: 10.1.250.0 MailScanner has detected a possible fraud attempt from "255.255.255.0" claiming to be MailScanner warning: numerical links are often malicious: 255.255.255.0
access-list NONAT permit ip MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.1.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.0.0 MailScanner has detected a possible fraud attempt from "10.1.250.0" claiming to be MailScanner warning: numerical \n links are often malicious: 10.1.250.0 MailScanner has detected a possible fraud attempt from "255.255.255.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.255.0
",1] ); //-->MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical links are often malicious: 255.255.0.0 MailScanner has detected a possible fraud attempt from "10.1.250.0" claiming to be MailScanner warning: numerical links are often malicious: 10.1.250.0 MailScanner has detected a possible fraud attempt from "255.255.255.0" claiming to be MailScanner warning: numerical links are often malicious: 255.255.255.0
MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: \n numerical links are often malicious: 10.1.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.0.0 MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner warning: numerical links \n are often malicious: 10.2.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.0.0
access-list CHICAGO \n permit ip MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: \n numerical links are often malicious: 10.1.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.0.0",1] ); //-->access-list NONAT permit ip MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.1.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical links are often malicious: 255.255.0.0 MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.2.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical links are often malicious:
255.255.0.0
access-list CHICAGO permit ip MailScanner has detected a possible fraud attempt from "10.1.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.1.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical links are often malicious: 255.255.0.0MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner warning: numerical links \n are often malicious: 10.2.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical \n links are often malicious: 255.255.0.0",1] ); D(["mb","
no pager
logging \n on
logging trap notifications
",1] ); D(["mb","logging host inside MailScanner has detected a possible fraud attempt from "192.168.0.200" claiming to be MailScanner warning: numerical \n links are often malicious: 192.168.0.200",1] ); //--> MailScanner has detected a possible fraud attempt from "10.2.0.0" claiming to be MailScanner warning: numerical links are often malicious: 10.2.0.0 MailScanner has detected a possible fraud attempt from "255.255.0.0" claiming to be MailScanner warning: numerical links are often malicious: 255.255.0.0
no pager
logging on
logging trap notifications
logging host inside MailScanner has detected a possible fraud attempt from "192.168.0.200" claiming to be MailScanner warning: numerical links are often malicious: 192.168.0.200
no logging message \n 106023
no logging message 305005
no logging message 304001
icmp \n permit any outside
icmp permit any inside
mtu outside 1500
mtu inside \n 1500
",1] ); D(["mb","ip address outside MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often \n malicious: ee.ee.ee.ee MailScanner has detected a possible fraud attempt from "255.255.255.248" claiming to be MailScanner warning: numerical links are often \n malicious: 255.255.255.248
",1] ); //-->
no logging message 106023
no logging message 305005
no logging message 304001
icmp permit any outside
icmp permit any inside
mtu outside 1500
mtu inside 1500
ip address outside MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee MailScanner has detected a possible fraud attempt from "255.255.255.248" claiming to be MailScanner warning: numerical links are often malicious: 255.255.255.248
MailScanner has detected a possible fraud attempt from "10.1.1.1" claiming to be MailScanner warning: numerical links \n are often malicious: 10.1.1.1 MailScanner has detected a possible fraud attempt from "255.0.0.0" claiming to be MailScanner warning: numerical links are often \n malicious: 255.0.0.0",1] ); D(["mb","
ip audit info action alarm
ip audit \n attack action alarm
ip local pool REMOTE 10.1.250.1-10.1.250.254
pdm \n logging informational 100
pdm history enable
arp timeout 14400
global \n (outside) 1 interface
nat (inside) 0 access-list NONAT
",1] ); //-->ip address inside MailScanner has detected a possible fraud attempt from "10.1.1.1" claiming to be MailScanner warning: numerical links are often malicious: 10.1.1.1 MailScanner has detected a possible fraud attempt from "255.0.0.0" claiming to be Mai
---------------------------------
Brings words and photos together (easily) with
PhotoMail - it's free and works with Yahoo! Mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20060208/1e42aedc/attachment-0001.html
More information about the MailScanner
mailing list