Strange report results on zyxel Zywall 35

Strange report results on zyxel Zywall 35
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Networking Firewalls    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Strange report results on zyxel Zywall 35 hammeronthenet 03-11-2008
Posted by hammeronthenet on March 11, 2008, 9:53 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi,
I'm going to monitoring the traffic on my Zywall firewall and I've got
some strange results...
WAN to LAN it's completely closed except for some ports (in detail:
ultravnc 5500,RDP 3389,telnet 23,SSH,HTTP,FTP (20 and 21), SMTP).
In Zywall "System reports" I see something strange:

1 TCP(Protocol:6, port:51097) Incoming 2184 (Mbytes)
2 TCP(Protocol:6, port:54749) Incoming 1789 (Mbytes)
3 TCP(Protocol:6, port:51782) Incoming 1620 (Mbytes)
4 TCP(Protocol:6, port:54580) Incoming 1604 (Mbytes)
5 TCP(Protocol:6, port:1736) Incoming 1349 (Mbytes)
6 TCP(Protocol:6, port:47544) Incoming 1222 (Mbytes)
7 TCP(Protocol:6, port:38872) Incoming 1165 (Mbytes)

and so on... a lot of bytes from WAN to LAN. Watching others reports,
I understand that the traffic seems to be directed to a Linux server
(it's a web mail server... and nothing else!) cause the amount of
traffic for this server is equivalent to the sum of the singles ports
entry.

Now I don't undestand:

1) how the packets enter? Or they are dropped by the firewall and they
are only showed by firewall?
2) What kind of traffic is it? It's seems to be P2P traffic ???
3) It's correct my deduction that this traffic is redirected to mail
server or it's not the truth?


Tanks guys, and sorry for my terrible english ; )


Similar ThreadsPosted
ZyXel Zywall 10 January 20, 2005, 7:08 pm
Netscreen 100 + Zyxel Zywall 10 July 31, 2007, 7:56 am
Please recommend a firewall/VPN router to replace a ZyXEL ZyWALL 35 June 15, 2007, 10:27 am
Netscreen firewall configuration report parser March 21, 2007, 3:27 pm
Zywall 2 - Zywall 70 WAN project (based on dynamic IPs) July 15, 2005, 2:34 pm
Layer 3 behind ZYXEL VPN November 2, 2006, 2:45 pm
ZyXel Command Interpreter February 12, 2005, 1:41 pm
Zyxel SSL 10 private DNS ISSUE August 12, 2007, 6:41 am
Zyxel P-2602HWL-D1A portforwarding ? December 10, 2007, 2:33 pm
PPTP over Zyxel NAT and win2003 server January 17, 2007, 8:57 am

The site map in XML format XML site map

Contact Us | Privacy Policy