"All IP Traffic" vs. selected protocols

  • From: "Alexander Rayborn" <alexander@xxxxxxxxxxxxxxxx>
  • To: "ISAList" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 14 Nov 2001 10:47:57 -0600

Hey all...

Question about protocol rules...

For a while now, I've used a general rule that allows "All IP traffic
except selected" and checked off a few protocol definitions.

My question is... does this allow protocols outside of the normal
protocol definitions?  Does anyone know?

The reason I ask is... on one of my reports, it says one of the top used
protocols is UNKNOWN.  I'm wondering if this is a protocol that is
outside the protocol definitions, but was allowed because "All IP
traffic" was allowed.

If so, I gotta fix that :)  UNKNOWN doesn't look good to the
powersthatbe.

--Alexander

 

Other related posts:

  • » "All IP Traffic" vs. selected protocols