Block statistics of your firewall, created by fwanalog

Program started at Fri, Mar 08 2002 20:17.
Analyzed blocked packets from Sun, Feb 03 2002 09:52 to Tue, Feb 05 2002 12:11 (2.10 days).

General Summary

(Go To: Top: General Summary: Blocked Packet Report: Log Prefix Report: Packet Source Host Report: Organization Report: Domain Report: Hourly Summary: Daily Summary: Weekly Report: Monthly Report: Packet Size Report: Interface Report: Source Port Report)

Blocked packets: 136
Average blocked packets per day: 64
Distinct blocked packets: 11
Distinct hosts blocked: 30
Size of all dropped packets together: 8.496 kilobytes
Average size of dropped packets per day: 4.052 kilobytes

Blocked Packet Report

Listing blocked packets, sorted by the number of blocked packets.

#blocks: %blocks:       last time: blocked packet
-------: -------: ---------------: --------------
    135:  99.26%: Feb/ 5/02 12:11: 10.17.85.31
    102:  75.00%: Feb/ 5/02 12:11:   10.17.85.31/tcp
     66:  48.53%: Feb/ 4/02 22:09:     10.17.85.31:http (80)/tcp
     12:   8.82%: Feb/ 5/02 11:26:     10.17.85.31:smtp (25)/tcp
     11:   8.09%: Feb/ 5/02 12:11:     10.17.85.31:netbios-ssn (139)/tcp
      6:   4.41%: Feb/ 3/02 22:47:     10.17.85.31:imaps (993)/tcp
      4:   2.94%: Feb/ 4/02 22:05:     10.17.85.31:auth (113)/tcp
      1:   0.74%: Feb/ 3/02 17:22:     10.17.85.31:printer (515)/tcp
      1:   0.74%: Feb/ 3/02 17:56:     10.17.85.31:domain (53)/tcp
      1:   0.74%: Feb/ 4/02 23:59:     10.17.85.31:ftp (21)/tcp
     33:  24.26%: Feb/ 4/02 22:04:   10.17.85.31/udp
     29:  21.32%: Feb/ 4/02 00:02:     10.17.85.31:netbios-ns (137)/udp
      4:   2.94%: Feb/ 4/02 22:04:     10.17.85.31:auth (113)/udp
      1:   0.74%: Feb/ 4/02 11:22: 10.168.115.21
      1:   0.74%: Feb/ 4/02 11:22:   10.168.115.21/tcp
      1:   0.74%: Feb/ 4/02 11:22:     10.168.115.21:http (80)/tcp

Log Prefix Report

Listing log prefixes, sorted by the number of blocked packets.

 #: #blocks: %blocks:  kbytes: %bytes:       last time: log prefix
--: -------: -------: -------: ------: ---------------: ----------
 1:     100:  73.53%:   6.464: 76.09%: Feb/ 5/02 12:11: unspecified_in
 2:      18:  13.24%:   0.976: 11.49%: Feb/ 4/02 22:09: nmap_null_scan
 3:      12:   8.82%:   0.703:  8.28%: Feb/ 5/02 11:26: badhost
 4:       3:   2.21%:   0.175:  2.07%: Feb/ 4/02 22:04: nmap_syn/fin_scan
 5:       2:   1.47%:   0.117:  1.38%: Feb/ 4/02 22:04: nmap_xmas_scan
 6:       1:   0.74%:   0.058:  0.69%: Feb/ 4/02 11:22: spoofed_dest_out

Packet Source Host Report

Listing hosts with at least 0.5% of the blocked packets, sorted by the number of blocked packets.

 #: #blocks: %blocks: %bytes:       last time: host
--: -------: -------: ------: ---------------: ----
 1:      30:  22.06%: 22.53%: Feb/ 4/02 00:02: shieldsup.grc.com
 2:      27:  19.85%: 30.02%: Feb/ 4/02 22:09: 10.34.138.199
 3:       9:   6.62%:  5.38%: Feb/ 4/02 13:52: z0.physi.uni-heidelberg.de
 4:       6:   4.41%:  4.32%: Feb/ 3/02 22:47: lan-cale-pc09.lan.hw.ac.uk
 5:       6:   4.41%:  4.14%: Feb/ 3/02 22:03: ig21.optinrewards.com
 6:       6:   4.41%:  2.76%: Feb/ 4/02 16:09: 10.164.63.220
 7:       6:   4.41%:  2.76%: Feb/ 4/02 06:28: campari.mbc2.co.jp
 8:       6:   4.41%:  2.76%: Feb/ 4/02 00:15: as4-5-7.dre.s.bonet.se
 9:       6:   4.41%:  5.38%: Feb/ 3/02 10:36: 10.21.158.249
10:       4:   2.94%:  2.76%: Feb/ 5/02 11:26: ig09.optinrewards.com
11:       3:   2.21%:  1.79%: Feb/ 4/02 16:22: bar.iecom.net
12:       3:   2.21%:  2.69%: Feb/ 3/02 16:58: pec-58-215.tnt4.b2.uunet.de
13:       2:   1.47%:  0.92%: Feb/ 4/02 07:03: 10.30.227.102
14:       2:   1.47%:  0.92%: Feb/ 4/02 16:34: pd957272d.dip.t-dialin.net
15:       2:   1.47%:  0.92%: Feb/ 4/02 12:20: 10.230.95.122
16:       2:   1.47%:  1.20%: Feb/ 4/02 16:29: giada.uniroma3.it
17:       2:   1.47%:  0.92%: Feb/ 4/02 13:43: host253-189.dinoag.de
18:       2:   1.47%:  0.92%: Feb/ 4/02 05:35: 10.103.193.74
19:       1:   0.74%:  0.46%: Feb/ 4/02 23:59: fra-tgn-oyn-vty4.as.wcom.net
20:       1:   0.74%:  0.69%: Feb/ 4/02 11:22: www.tud.at
21:       1:   0.74%:  0.46%: Feb/ 4/02 11:22: 10.217.1.117
22:       1:   0.74%:  0.46%: Feb/ 4/02 02:32: p50825359.dip.t-dialin.net
23:       1:   0.74%:  0.46%: Feb/ 3/02 09:52: chello213047066195.11.univie.teleweb.at
24:       1:   0.74%:  0.69%: Feb/ 3/02 17:22: 10.192.103.71
25:       1:   0.74%:  0.69%: Feb/ 3/02 10:33: ig07.optinrewards.com
26:       1:   0.74%:  0.55%: Feb/ 5/02 12:11: austin1-36.onr.com
27:       1:   0.74%:  0.69%: Feb/ 3/02 17:56: zt.rzeszow.tpsa.pl
28:       1:   0.74%:  0.62%: Feb/ 4/02 18:32: 11-225-124-64.dsl.lan2wan.com
29:       1:   0.74%:  0.46%: Feb/ 4/02 00:08: 12-253-61-224.client.attbi.com
30:       1:   0.74%:  0.69%: Feb/ 5/02 00:35: ig10.optinrewards.com

Organization Report

Listing organizations with at least 0.5% of the blocked packets, sorted by the number of blocked packets.

 #: #blocks: %blocks: %bytes:       last time: organization
--: -------: -------: ------: ---------------: ------------
 1:      47:  34.56%: 42.07%: Feb/ 4/02 22:09: 10
 2:      30:  22.06%: 22.53%: Feb/ 4/02 00:02: grc.com
 3:      12:   8.82%:  8.28%: Feb/ 5/02 11:26: optinrewards.com
 4:       9:   6.62%:  5.38%: Feb/ 4/02 13:52: uni-heidelberg.de
 5:       6:   4.41%:  2.76%: Feb/ 4/02 06:28: mbc2.co.jp
 6:       6:   4.41%:  2.76%: Feb/ 4/02 00:15: bonet.se
 7:       6:   4.41%:  4.32%: Feb/ 3/02 22:47: hw.ac.uk
 8:       3:   2.21%:  1.79%: Feb/ 4/02 16:22: iecom.net
 9:       3:   2.21%:  1.38%: Feb/ 4/02 16:34: t-dialin.net
10:       3:   2.21%:  2.69%: Feb/ 3/02 16:58: uunet.de
11:       2:   1.47%:  0.92%: Feb/ 4/02 13:43: dinoag.de
12:       2:   1.47%:  1.20%: Feb/ 4/02 16:29: uniroma3.it
13:       1:   0.74%:  0.62%: Feb/ 4/02 18:32: lan2wan.com
14:       1:   0.74%:  0.46%: Feb/ 4/02 00:08: attbi.com
15:       1:   0.74%:  0.46%: Feb/ 3/02 09:52: univie.teleweb.at
16:       1:   0.74%:  0.46%: Feb/ 4/02 23:59: wcom.net
17:       1:   0.74%:  0.69%: Feb/ 4/02 11:22: tud.at
18:       1:   0.74%:  0.69%: Feb/ 3/02 17:56: rzeszow.tpsa.pl
19:       1:   0.74%:  0.55%: Feb/ 5/02 12:11: onr.com

Domain Report

Listing domains, sorted by the number of blocked packets.

#blocks: %blocks:  kbytes: %bytes:       last time: domain
-------: -------: -------: ------: ---------------: ------
     47:  34.56%:   3.574: 42.07%: Feb/ 4/02 22:09: [unresolved numerical addresses]
     45:  33.09%:   2.755: 32.44%: Feb/ 5/02 12:11: .com (Commercial)
     14:  10.29%:   0.763:  8.99%: Feb/ 4/02 13:52: .de (Germany)
      7:   5.15%:   0.308:  3.63%: Feb/ 4/02 23:59: .net (Network)
      6:   4.41%:   0.367:  4.32%: Feb/ 3/02 22:47: .uk (United Kingdom)
      6:   4.41%:   0.234:  2.76%: Feb/ 4/02 00:15: .se (Sweden)
      6:   4.41%:   0.234:  2.76%: Feb/ 4/02 06:28: .jp (Japan)
      2:   1.47%:   0.097:  1.15%: Feb/ 4/02 11:22: .at (Austria)
      2:   1.47%:   0.101:  1.20%: Feb/ 4/02 16:29: .it (Italy)
      1:   0.74%:   0.058:  0.69%: Feb/ 3/02 17:56: .pl (Poland)

Hourly Summary

Each unit (+) represents 2 blocked packets or part thereof.

hour: #blocks: %blocks:  kbytes: %bytes: 
----: -------: -------: -------: ------: 
   0:      38:  27.94%:   2.246: 26.44%: +++++++++++++++++++
   1:       0:        :   0.000:       : 
   2:       1:   0.74%:   0.039:  0.46%: +
   3:       0:        :   0.000:       : 
   4:       0:        :   0.000:       : 
   5:       2:   1.47%:   0.078:  0.92%: +
   6:       6:   4.41%:   0.234:  2.76%: +++
   7:       2:   1.47%:   0.078:  0.92%: +
   8:       0:        :   0.000:       : 
   9:       1:   0.74%:   0.039:  0.46%: +
  10:       7:   5.15%:   0.515:  6.07%: ++++
  11:       6:   4.41%:   0.332:  3.91%: +++
  12:       3:   2.21%:   0.125:  1.47%: ++
  13:      11:   8.09%:   0.535:  6.30%: ++++++
  14:       0:        :   0.000:       : 
  15:       0:        :   0.000:       : 
  16:      16:  11.76%:   0.794:  9.36%: ++++++++
  17:       2:   1.47%:   0.117:  1.38%: +
  18:       1:   0.74%:   0.052:  0.62%: +
  19:       0:        :   0.000:       : 
  20:       3:   2.21%:   0.183:  2.16%: ++
  21:       1:   0.74%:   0.058:  0.69%: +
  22:      35:  25.74%:   3.027: 35.63%: ++++++++++++++++++
  23:       1:   0.74%:   0.039:  0.46%: +

Daily Summary

Each unit (+) represents 5 blocked packets or part thereof.

day: #blocks: %blocks:  kbytes: %bytes: 
---: -------: -------: -------: ------: 
Mon:     105:  77.21%:   6.537: 76.94%: +++++++++++++++++++++
Tue:       6:   4.41%:   0.339:  4.00%: ++
Wed:       0:        :   0.000:       : 
Thu:       0:        :   0.000:       : 
Fri:       0:        :   0.000:       : 
Sat:       0:        :   0.000:       : 
Sun:      25:  18.38%:   1.619: 19.06%: +++++

Weekly Report

Each unit (+) represents 6 blocked packets or part thereof.

week beg.: #blocks: %blocks:  kbytes: %bytes: 
---------: -------: -------: -------: ------: 
Jan/28/02:      25:  18.38%:   1.619: 19.06%: +++++
Feb/ 4/02:     111:  81.62%:   6.876: 80.94%: +++++++++++++++++++

Week with the most blocked packets: week beginning Feb/ 4/02 (111 blocked packets).

Monthly Report

Each unit (+) represents 8 blocked packets or part thereof.

   month: #blocks: %blocks:  kbytes: %bytes: 
--------: -------: -------: -------: ------: 
Feb 2002:     136:    100%:   8.496:   100%: +++++++++++++++++

Month with the most blocked packets: Feb 2002 (136 blocked packets).

Packet Size Report

      size: #blocks: %bytes: 
----------: -------: ------: 
         0:       0:       : 
  1b-  10b:       0:       : 
 11b- 100b:     132: 84.92%: 
101b-  1kb:       4: 15.08%:

Interface Report

Listing interfaces with at least 5 blocked packets, sorted by the number of blocked packets.

#blocks: %bytes: interface
-------: ------: ---------
    136:   100%: eth1

Source Port Report

Listing the top 20 source ports by the number of blocked packets, sorted by the number of blocked packets.

 #: #blocks: %blocks:  kbytes: %bytes:       last time: source port
--: -------: -------: -------: ------: ---------------: -----------
 1:      23:  16.91%:   1.751: 20.62%: Feb/ 4/02 00:02: 137
 2:      10:   7.35%:   0.390:  4.60%: Feb/ 4/02 00:02: 10139
 3:       9:   6.62%:   0.457:  5.38%: Feb/ 4/02 13:52: 52215
 4:       6:   4.41%:   0.234:  2.76%: Feb/ 4/02 06:28: 52343
 5:       6:   4.41%:   0.457:  5.38%: Feb/ 3/02 10:36: 61229
 6:       6:   4.41%:   0.234:  2.76%: Feb/ 4/02 00:15: 4722
 7:       6:   4.41%:   0.351:  4.14%: Feb/ 4/02 22:09: 39273
 8:       6:   4.41%:   0.234:  2.76%: Feb/ 4/02 16:09: 1684
 9:       5:   3.68%:   0.292:  3.45%: Feb/ 3/02 22:03: 59469
10:       4:   2.94%:   0.234:  2.76%: Feb/ 4/02 22:04: 37642
11:       4:   2.94%:   1.281: 15.08%: Feb/ 4/02 22:04: 37634
12:       4:   2.94%:   0.234:  2.76%: Feb/ 4/02 22:03: 42576
13:       4:   2.94%:   0.234:  2.76%: Feb/ 5/02 11:26: 42299
14:       3:   2.21%:   0.183:  2.16%: Feb/ 3/02 22:47: 1460
15:       2:   1.47%:   0.078:  0.92%: Feb/ 4/02 22:05: 39266
16:       2:   1.47%:   0.078:  0.92%: Feb/ 4/02 05:35: 1358
17:       2:   1.47%:   0.117:  1.38%: Feb/ 4/02 22:04: 37643
18:       2:   1.47%:   0.078:  0.92%: Feb/ 4/02 22:04: 39265
19:       2:   1.47%:   0.101:  1.20%: Feb/ 4/02 16:22: 32893
20:       2:   1.47%:   0.117:  1.38%: Feb/ 4/02 22:04: 37647
  :      28:  20.59%:   1.353: 15.93%: Feb/ 5/02 12:11: [not listed: 27 source ports]

This analysis was produced by analog 5.21.
Running time: 3 seconds.