Rule Name | Rule Type | Common Event | Classification |
Pattern 17 : Traffic | Base Rule | General Firewall Log | Network Traffic |
PIX-X-713061 : Tunnel Rej:Crypto Map Pol Not Found | Sub Rule | Failed Suspicious Activity | Failed Suspicious |
PIX-X-713042 : IKE Initiator Unable to Find Policy | Sub Rule | IKE Initiator Unable to Find Key | Error |
PIX-X-710003 : Access Denied By ACL | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-703002 : H.225 Release Complete | Sub Rule | General Information | Information |
PIX-X-703001 : H.225 Message Received | Sub Rule | General Information | Information |
PIX-X-621007 : Bad Register | Sub Rule | Bad PIM Register | Information |
PIX-X-620002 : Un-Supported CTIQBE Version | Sub Rule | General VOIP Message | Information |
PIX-X-620001 : Pre-Allocate CTIQBE | Sub Rule | General VOIP Message | Information |
PIX-X-617004 : GTP Connection Created | Sub Rule | GTP Connection Created | Information |
PIX-X-617003 : GTP Tunnel Created | Sub Rule | Tunnel Created | Network Traffic |
PIX-X-617001 : GTP Message | Sub Rule | General Information | Information |
PIX-X-616001 : Pre-Allocate MGCP Connection | Sub Rule | General Information | Information |
PIX-X-614002 : DNS Reply | Sub Rule | DNS Reply | Network Traffic |
PIX-X-614001 : DNS Request | Sub Rule | DNS Request | Network Traffic |
PIX-X-611314 : Load Balancing Cluster Redirected | Sub Rule | General Information | Information |
PIX-X-608001 : Pre-Allocate Skinny Connection | Sub Rule | General Information | Information |
PIX-X-607001 : Pre-Allocate SIP Connection | Sub Rule | General Information | Information |
PIX-X-507001 : Terminated Connection | Sub Rule | Connection Closed | Network Traffic |
PIX-X-500004 : Invalid Transport Field | Sub Rule | Invalid Transport Field | Warning |
PIX-X-500003 : Bad TCP Header Length | Sub Rule | Protocol Anomaly | Attack |
PIX-X-500002 : Java Content Modified | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-500001 : ActiveX Content Modified | Sub Rule | Packet Contains ActiveX Content and Is Modified | Critical |
PIX-X-419002 : Duplicate SYN Packet | Sub Rule | Duplicate SYN Packet | Network Traffic |
PIX-X-419001 : Dropped Packet | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-418001 : Dropped Packet | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-416001 : Dropped Packet | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-415014 : Maximum Unanswered HTTP Requests Exc | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-415013 : HTTP Transfer Encoding Vltn Detected | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-415012 : HTTP Deobfuscation Sig Detected | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-415011 : HTTP URL Length Exceeded | Sub Rule | Buffer Overflow/Underflow | Attack |
PIX-X-415010 : HTTP Protocol Violation Detected | Sub Rule | Protocol Anomaly | Attack |
PIX-X-415009 : HTTP Header Length Exceeded | Sub Rule | Buffer Overflow/Underflow | Attack |
PIX-X-415008 : HTTP RFC Method Illegal | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-415007 : HTTP Extension Method Illegal | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-415006 : Content Size Out of Range | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-415005 : Content Type Doesn't Match Spec Type | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-415004 : Content Type Not Found | Sub Rule | Content Type Not Found | Activity |
PIX-X-415003 : HTTP Peer-To-Peer Detected | Sub Rule | P2P Activity | Misuse |
PIX-X-415002 : HTTP Instant Messenger Detected | Sub Rule | IM/Chat Activity | Misuse |
PIX-X-415001 : HTTP Tunnel Detected | Sub Rule | Anonymizing Activity | Misuse |
PIX-X-410001 : DNS Request Exceeds Packet Length | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-406002 : FTP Port Command with Diff Address | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-406001 : FTP Low Port Command | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-405201 : ILS Message | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-405105 : H323 RAS Message | Sub Rule | General Information | Information |
PIX-X-405104 : H225 Message Received | Sub Rule | General Information | Information |
PIX-X-405103 : H225 Message | Sub Rule | General Information | Information |
PIX-X-400050 : STATd Buffer Overflow | Sub Rule | Buffer Overflow/Underflow | Attack |
PIX-X-400049 : Remote Exec Daemon Attempt | Sub Rule | Arbitrary Code Execution | Attack |
PIX-X-400048 : Remote Exec Daemon Portmap Request | Sub Rule | Arbitrary Code Execution | Attack |
PIX-X-400047 : Mount Daemon Portmap Request | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400046 : YP Transfer Daemon Portmap Request | Sub Rule | Port Scan | Reconnaissance |
PIX-X-400045 : YP Update Daemon Portmap Request | Sub Rule | Port Scan | Reconnaissance |
PIX-X-400044 : YP Password Daemon Portmap Request | Sub Rule | Port Scan | Reconnaissance |
PIX-X-400043 : YP Bind Daemon Portmap Request | Sub Rule | RPC Portmap YPServ Request | Activity |
PIX-X-400042 : YP Server Daemon Portmap Request | Sub Rule | General Attack Activity | Attack |
PIX-X-400041 : Proxied RPC Request | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400040 : RPC Dump | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400039 : RPC Port Unregistration | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400038 : RPC Port Registration | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400037 : DNS Request for All Records | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400036 : DNS Zone Transfer from High Port | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400035 : DNS Zone Transfer | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400034 : DNS HINFO Request | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400033 : UDP Chargen DoS Attack | Sub Rule | Host Denial of Service | Denial of Service |
PIX-X-400032 : UDP Snork Attack | Sub Rule | General Attack Activity | Attack |
PIX-X-400031 : UDP Bomb Attack | Sub Rule | General Attack Activity | Attack |
PIX-X-400030 : FTP Improper Port Specified | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400029 : FTP Improper Address Specified | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400028 : TCP FIN Only Flags | Sub Rule | Protocol Anomaly | Attack |
PIX-X-400027 : TCP SYN+FIN Flags | Sub Rule | Protocol Anomaly | Attack |
PIX-X-400026 : TCP NULL Flags | Sub Rule | Protocol Anomaly | Attack |
PIX-X-400025 : Ping of Death Attack | Sub Rule | General Attack Activity | Attack |
PIX-X-400024 : Large ICMP Traffic | Sub Rule | Protocol Anomaly | Attack |
PIX-X-400023 : Fragmented ICMP Traffic | Sub Rule | Fragmented Packet Received | Network Traffic |
PIX-X-400022 : ICMP Address Mask Reply | Sub Rule | ICMP Address Mask Reply | Activity |
PIX-X-400021 : ICMP Address Mask Request | Sub Rule | ICMP Address Mask Request | Activity |
PIX-X-400020 : ICMP Information Reply | Sub Rule | ICMP Information Reply | Activity |
PIX-X-400019 : ICMP Information Request | Sub Rule | ICMP Information Request | Activity |
PIX-X-400018 : ICMP Timestamp Reply | Sub Rule | ICMP Timestamp Reply | Activity |
PIX-X-400017 : ICMP Timestamp Request | Sub Rule | ICMP Timestamp Request | Activity |
PIX-X-400016 : ICMP Parameter Problem On Datagram | Sub Rule | Protocol Anomaly | Attack |
PIX-X-400015 : ICMP Time Exceeded for A Datagram | Sub Rule | Protocol Anomaly | Attack |
PIX-X-400014 : ICMP Echo Request | Sub Rule | ICMP Echo Request | Network Traffic |
PIX-X-400013 : ICMP Redirect | Sub Rule | Protocol Anomaly | Attack |
PIX-X-40012 : ICMP Source Quench | Sub Rule | Suspicious Activity | Suspicious |
PIX-X-400011 : ICMP Unreachable | Sub Rule | ICMP : Host Unreachable | Activity |
PIX-X-400010 : ICMP Echo Reply | Sub Rule | ICMP Echo Reply | Activity |
PIX-X-400009 : IP Fragments Overlap | Sub Rule | Protocol Anomaly | Attack |
PIX-X-400008 : IP Impossible Packet | Sub Rule | General Attack Activity | Attack |
PIX-X-400007 : IP Fragment Attack | Sub Rule | General Attack Activity | Attack |
PIX-X-400006 : IP Options-Strict Source Route | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-400005 : IP Options-SATNET ID | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-400004 : IP Options-Loose Source Route | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-400003 : IP Options-Security | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-400002 : IP Options-Timestamp | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-400001 : IP Options-Record Packet Route | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-400000 : IP Options-Bad Option List | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-326007 : MRIB Entry-Update Failed | Sub Rule | MRIB Entry-Update Failed | Error |
PIX-X-326006 : MRIB Entry-Creation Failed | Sub Rule | MRIB Entry-Creation Failed | Error |
PIX-X-326005 : MRIB Notification Failed | Sub Rule | MRIB Notification Failed | Error |
PIX-X-324007 : Unable to Create GTP Connection | Sub Rule | Unable to Create Connection | Error |
PIX-X-324005 : Unable to Create Tunnel | Sub Rule | Tunnel Creation Failure | Error |
PIX-X-324004 : Packet Version Not Supported | Sub Rule | Packet Version Not Supported | Activity |
PIX-X-324003 : No Matching Request | Sub Rule | No Matching Request for Response | Warning |
PIX-X-324002 : No PDP Exists | Sub Rule | No PDP Exists | Error |
PIX-X-324001 : Packet Parsing Error | Sub Rule | Packet Parsing Error | Error |
PIX-X-324000 : Packet Dropped | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-322004 : No Management IP Configured | Sub Rule | No Management IP Address Configured | Warning |
PIX-X-318005 : Inconsistency in Routing Table | Sub Rule | Inconsistency in Routing Table | Error |
PIX-X-314001 : Pre-Allocate Backconnection | Sub Rule | Pre-Allocated RTSP Connection | Information |
PIX-X-313005 : No Matching Connection for ICMP | Sub Rule | No Matching Connection for ICMP Error Message | Warning |
PIX-X-313004 : Dropped Packet | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-305012 : Teardown Translation | Sub Rule | Translation Teardown | Network Traffic |
PIX-X-305011 : Built Translation | Sub Rule | Translation Built | Network Traffic |
PIX-X-305010 : Address Translation Slot Deleted | Sub Rule | IP Network Address Translation Info Msg | Information |
PIX-X-305009 : Address Translation Slot Created | Sub Rule | IP Network Address Translation Info Msg | Information |
PIX-X-305006 : Translation Creation Failed | Sub Rule | Regular Translation Creation Failed | Error |
PIX-X-305005 : No Translation Group Found | Sub Rule | No Translation Group Found for Protocol | Error |
PIX-X-304002 : URL Access Denied | Sub Rule | Access Object Failure | Access Failure |
PIX-X-303004 : FTP Command Un-Supported | Sub Rule | FTP Command Un-Supported | Information |
PIX-X-303003 : FTP Command Denied | Sub Rule | FTP Command Denied | Failed Activity |
PIX-X-302018 : Teardown Connection | Sub Rule | Connection Teardown | Network Traffic |
PIX-X-302017 : Built Connection | Sub Rule | Connection Built | Network Traffic |
PIX-X-302016 : Teardown Connection | Sub Rule | Connection Teardown | Network Traffic |
PIX-X-302015 : Built Connection | Sub Rule | Connection Built | Network Traffic |
PIX-X-302014 : Teardown Connection | Sub Rule | Connection Teardown | Network Traffic |
PIX-X-302013 : Built Connection | Sub Rule | Connection Built | Network Traffic |
PIX-X-302004 : Pre-Allocate Backconnection | Sub Rule | Pre-Allocate H323 Backconnection | Information |
PIX-X-212006 : Dropped SNMP Request | Sub Rule | Dropped SNMP Request | Failed Activity |
PIX-X-210010 : LU Make UDP Connection Failed | Sub Rule | LU Make UDP Connection Failed | Error |
PIX-X-210008 : LU No Xlate | Sub Rule | LU No Xlate | Error |
PIX-X-202011 : Connection Limit Exceeded | Sub Rule | Connection Limit Exceeded | Warning |
PIX-X-201010 : Embryonic Connection Limit Exceeded | Sub Rule | Network Denial of Service | Denial of Service |
PIX-X-201003 : Embryonic Limit Exceeded | Sub Rule | Network Denial of Service | Denial of Service |
PIX-X-109028 : Built H245 Connection | Sub Rule | Connection Built | Network Traffic |
PIX-X-109023 : Attempt to Use Service Before Auth | Sub Rule | Failed Suspicious Host Activity | Failed Suspicious |
PIX-X-109010 : Connection Limit Exceeded | Sub Rule | Connection Limit Exceeded | Warning |
PIX-X-109009 : Authorization Denied (Not Auth) | Sub Rule | Access Object Failure | Access Failure |
PIX-X-109003 : Authorization Failed | Sub Rule | Unable to Communicate with Authentication Server | Error |
PIX-X-109002 : Failed Authentication | Sub Rule | Unable to Communicate with Authentication Server | Error |
PIX-X-108003 : Connection Terminated | Sub Rule | Connection Closed | Network Traffic |
PIX-X-108002 : Invalid Char Replaced in Email Msg | Sub Rule | Replaced Invalid Characters in Email Address | Warning |
PIX-X-106020 : Drop Packet Due to Teardrop Attack | Sub Rule | Failed Host Denial of Service | Failed Denial of Service |
PIX-X-106018 : Packet Denied | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-106017 : Dropped Packet Due to Land Attack | Sub Rule | Failed Host Denial of Service | Failed Denial of Service |
PIX-X-106016 : Dropped Packet Due to IP Spoof | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-106013 : Dropped Echo Request | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-106012 : Denied Packet Due to IP Options | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
PIX-X-106002 : Denied Connection | Sub Rule | Traffic Denied by Network Firewall | Network Deny |