Greetings Everyone,
We have Proxy server 2.0 running on Windows 2000 Server.
All service packs and appropriate setup steps have been followed. The products have been configured and have been working.
BUT.. <(always a but)
Just recently we have been getting Packet Filters being generated like Crazy!!! So many it's filling up the hard drive at an alarming rate.
Is someone trying to hack into our firewall?
Is it a virus trying to connect ?
How would you go about fixing this problem and reading the log files?
**********
The following continues to appear in the System Log.
Type: Warning
Source: PacketFilterLog
Event ID: 44
Description:
Packet Filter Dropped packet Alert
**********************************
Below is a sample of the Packet Filter log. (We are in essence trying to find out which IP addresses are connecting in and if a hacker is running programs on our network. Possible virus? etc.)
************************************
1/29/2003, 0:00:02, 168.93.108.115, 63.149.223.119, Udp, 137, 137, -, 0, 12.161.198.82, 45 00 00 4e d6 a6 00 00 80 11 00 00 a8 5d 6c 73 3f 95 df 77 94 04 00 00 ëúw0ýÅ, 00 89 00 89 00 3a cc 2e 0a 8c 00 00 00 01 00 00 00 00 00 00 01 31 01 30 01 30 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
1/29/2003, 0:00:03, 178.1.1.29, 178.1.29.165, Tcp, 3687, 80, SYN , 0, 12.161.198.82, 45 00 00 2c 7c 5e 40 00 80 06 fb a8 b2 01 01 1d b2 01 1d a5 94 04 00 00 ëúw0ýÅ, 0e 67 00 50 17 b9 08 bd 00 00 00 00 60 02 20 00 c6 34 00 00 02 04 05 b4 00 00 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
1/29/2003, 0:00:03, 178.1.1.29, 178.1.79.50, Tcp, 3686, 80, SYN , 0, 12.161.198.82, 45 00 00 2c 7d 5e 40 00 80 06 c9 1b b2 01 01 1d b2 01 4f 32 94 04 00 00 ëúw0ýÅ, 0e 66 00 50 17 b9 08 aa 00 00 00 00 60 02 20 00 94 bb 00 00 02 04 05 b4 00 00 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
1/29/2003, 0:00:03, 178.1.1.29, 178.1.69.34, Tcp, 3688, 80, SYN , 0, 12.161.198.82, 45 00 00 2c 7f 5e 40 00 80 06 d1 2b b2 01 01 1d b2 01 45 22 94 04 00 00 ëúw0ýÅ, 0e 68 00 50 17 b9 08 cc 00 00 00 00 60 02 20 00 9e a7 00 00 02 04 05 b4 00 00 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20 ,
1/29/2003, 0:00:03, 178.1.1.29, 178.1.110.157, Tcp, 3689, 80, SYN , 0, 12.161.198.82, 45 00 00 2c 8a 5e 40 00 80 06 9c b0 b2 01 01 1d b2 01 6e 9d 94 04 00 00 ëúw0ýÅ, 0e 69 00 50 17 b9 08 db 00 00 00 00 60 02 20 00 75 1c 00 00 02 04 05 b4 00 00 03 31 32 37 07 69 6e 2d 61 64 64 72 04 61 72 70 61 00 00 0c 00 01 02 01 00 43 04 02 c0 dd b7 30 00 00 00 00 01 07 0c 42 45 41 56 45 52 20 20 20 20 20 20 20 20 20
***********************************************
These logs are getting to 40+MB at times. Avg. 30MB - 45MB
Help... What does all this mean..
Has anyone seen this before..
Any information on this would be appreciated.
Thanks in advance...
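
Added example, not part of the original post: one way to read a packet filter log laid out like the sample above is to parse each row and group the dropped packets by source address, protocol and destination port, counting how many distinct destinations each source tried. The column names are an assumption inferred from the sample rows, and the input lines are constructed.

```python
from collections import defaultdict

# Column names are an assumption inferred from the sample rows in the post:
# date, time, source, destination, protocol, source port, destination port,
# TCP flags, filter rule, receiving interface; the rest is raw packet hex.
FIELDS = ["date", "time", "src", "dst", "proto",
          "sport", "dport", "flags", "rule", "iface"]

# Constructed sample in the post's layout (addresses and hex are made up).
SAMPLE = """\
1/29/2003, 0:00:02, 192.0.2.115, 198.51.100.119, Udp, 137, 137, -, 0, 203.0.113.82, 45 00 00 4e, 00 89 00 89 ,
1/29/2003, 0:00:03, 10.1.1.29, 10.1.29.165, Tcp, 3687, 80, SYN , 0, 203.0.113.82, 45 00 00 2c, 0e 67 00 50 ,
1/29/2003, 0:00:03, 10.1.1.29, 10.1.79.50, Tcp, 3686, 80, SYN , 0, 203.0.113.82, 45 00 00 2c, 0e 66 00 50 ,
1/29/2003, 0:00:03, 10.1.1.29, 10.1.69.34, Tcp, 3688, 80, SYN , 0, 203.0.113.82, 45 00 00 2c, 0e 68 00 50 ,
1/29/2003, 0:00:04, 10.1.1.29, 10.1.69.34, Tcp, 3690, 80, SYN , 0, 203.0.113.82, 45 00 00 2c, 0e 6a 00 50 ,
**********
"""

def parse_line(line):
    """Return a dict for one log row, or None for separators/damaged rows."""
    parts = [p.strip() for p in line.split(",", len(FIELDS))]
    if len(parts) < len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    except ValueError:
        return None
    rec["proto"] = rec["proto"].upper()
    return rec

def summarize(lines):
    """Group dropped packets by (source, protocol, destination port)."""
    groups = defaultdict(lambda: {"packets": 0, "dsts": set()})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        g = groups[(rec["src"], rec["proto"], rec["dport"])]
        g["packets"] += 1
        g["dsts"].add(rec["dst"])
    rows = [(s, p, d, g["packets"], len(g["dsts"])) for (s, p, d), g in groups.items()]
    # Most distinct destinations first: one source fanning out stands out.
    return sorted(rows, key=lambda r: (-r[4], -r[3]))

if __name__ == "__main__":
    for src, proto, dport, packets, dsts in summarize(SAMPLE.splitlines()):
        print(f"{src:15} {proto:4} port {dport:<5} packets={packets} distinct_dsts={dsts}")
```

When pointing this at a real log file, open it with `errors="replace"`, since the rows contain raw non-text bytes.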