Default Severity
NOTICE
Log Message
Found <blacklisted_host> in blacklist. Triggered rule <rule>,
description: <description>. Protocol: <proto>, IP: <ip>, Port: <port>.
Explanation
A blacklist entry matching the IP address of this connection was
added, so the connection was closed.
Gateway Action
close
Recommended Action
Investigate threshold or IntrusionDetection rules that could have
triggered dynamic blacklisting.
Revision
1
Parameters
blacklisted_host
rule
description
ip
proto
port
2.6.5. packet_blacklisted (ID: 04600005)
Default Severity
NOTICE
Log Message
Found <blacklisted_host> in blacklist. Triggered rule <rule>,
description: <description>. Protocol: <proto>, IP: <ip>, Port: <port>.
Explanation
A blacklist entry matching the IP address of this packet was
added, so the packet was dropped.
Gateway Action
drop
Recommended Action
Investigate threshold or IntrusionDetection rules that could have
triggered dynamic blacklisting.
Revision
1
Parameters
blacklisted_host
rule
description
ip
proto
port
2.6.6. packet_blacklisted (ID: 04600006)
Default Severity
NOTICE
Log Message
Found source in blacklist. Triggered rule <rule>, description:
<description>. Protocol: <proto>, IP: <ip>, Port: <port>.
Explanation
A blacklist entry matching the IP address of this packet was
added, so the packet was dropped.
Gateway Action
drop
Chapter 2. Log Message Reference