>$ sudo cat /var/log/messages |tailfilter -ql 100 > filtered.txt Tailfilter - Firewall Log Streaming Report ( Starting Date: Jul 28 ) Time From Address Proto/Port Service Resolved Domain ---------------------------------------------------------------------------------------------------- 04:42:43 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 04:42:46 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 04:54:59 66.220.21.22 tcp/113 | auth | Host not found: 2(SERVFAIL) 04:55:02 66.220.21.22 tcp/113 | auth | Host not found: 2(SERVFAIL) 04:55:08 66.220.21.22 tcp/113 | auth | Host not found: 2(SERVFAIL) 04:55:20 66.220.21.22 tcp/113 | auth | Host not found: 2(SERVFAIL) 04:55:59 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 04:56:02 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 04:56:08 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 04:56:20 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 06:36:37 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 06:36:40 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 07:30:19 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 07:30:22 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 08:13:19 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 08:13:22 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 08:26:43 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 08:26:46 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 08:35:25 202.94.1.125 tcp/80 | http | Host not found: 3(NXDOMAIN) 08:35:28 202.94.1.125 tcp/80 | http | Host not found: 3(NXDOMAIN) 10:18:12 146.229.41.121 tcp/21 | ftp | aslnx2.asb.uah.edu 11:12:18 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 11:12:21 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 11:12:57 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 11:13:00 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 12:07:35 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 12:07:38 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 12:07:44 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 12:07:56 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 12:28:01 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 12:28:04 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 12:43:06 212.22.42.139 tcp/1111 | = none = | sacvx139.usuarios.retecal.es 14:51:32 68.42.18.168 tcp/27374| asp | bgp01072339bgs.vnburn01.mi.comcast.net 15:09:48 212.157.128.210 tcp/111 | sunrpc | Host not found: 3(NXDOMAIN) 16:54:15 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 16:54:18 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 18:07:13 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 18:07:16 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 19:16:25 68.45.6.45 tcp/80 | http | pcp163335pcs.mtlrel01.nj.comcast.net 20:03:40 80.78.160.95 tcp/6112 | = none = | admin4.telta.de 21:13:45 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 21:13:47 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 23:28:19 68.82.55.142 tcp/80 | http | pcp01486579pcs.limstn01.de.comcast.net 23:40:09 211.167.69.241 tcp/1433 | ms-sql-s | Host not found: 3(NXDOMAIN) 23:40:12 211.167.69.241 tcp/1433 | ms-sql-s | Host not found: 3(NXDOMAIN) 23:40:18 211.167.69.241 tcp/1433 | ms-sql-s | Host not found: 3(NXDOMAIN) 01:36:15 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 01:36:18 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 03:04:08 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 03:04:11 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 03:24:48 195.113.153.9 tcp/21 | ftp | Host not found: 3(NXDOMAIN) 03:24:51 195.113.153.9 tcp/21 | ftp | Host not found: 3(NXDOMAIN) 04:27:30 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 04:27:32 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 05:21:00 63.165.10.30 tcp/113 | auth | irc.utchat.com 05:21:03 63.165.10.30 tcp/113 | auth | irc.utchat.com 05:21:09 63.165.10.30 tcp/113 | auth | irc.utchat.com 05:21:19 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 05:21:21 63.165.10.30 tcp/113 | auth | irc.utchat.com 05:21:22 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 05:21:28 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 05:21:40 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 05:21:45 63.165.10.30 tcp/113 | auth | irc.utchat.com 06:20:33 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 06:20:36 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 07:40:44 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 07:40:47 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 07:55:46 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 08:13:47 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 08:13:50 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 09:55:13 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 11:27:06 216.53.71.66 tcp/113 | auth | www.phpcult.com 11:27:09 216.53.71.66 tcp/113 | auth | www.phpcult.com 11:39:44 216.53.71.66 tcp/113 | auth | www.phpcult.com 11:39:47 216.53.71.66 tcp/113 | auth | www.phpcult.com 12:19:24 68.60.129.159 tcp/80 | http | pcp01130226pcs.macmb101.mi.comcast.net 12:19:28 68.60.129.159 tcp/80 | http | pcp01130226pcs.macmb101.mi.comcast.net 12:42:31 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 12:42:34 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 13:05:22 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 13:05:25 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 14:33:31 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 14:33:34 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 15:54:52 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 15:54:55 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 16:23:13 68.48.192.199 tcp/80 | http | pcp761952pcs.dalect01.va.comcast.net 16:52:50 68.82.83.164 tcp/80 | http | pcp01464443pcs.lpaxtn01.pa.comcast.net 20:33:33 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 20:33:36 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 21:26:16 68.15.140.186 tcp/80 | http | Host not found: 2(SERVFAIL) 21:26:19 68.15.140.186 tcp/80 | http | Host not found: 2(SERVFAIL) 21:29:13 68.40.245.58 tcp/80 | http | bgp04072342bgs.derbrh01.mi.comcast.net 21:29:15 68.40.245.58 tcp/80 | http | bgp04072342bgs.derbrh01.mi.comcast.net 00:12:53 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 00:23:18 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 01:16:00 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net Tailfilter - Firewall Log Streaming Report ( Starting Date: Jul 30 ) Time From Address Proto/Port Service Resolved Domain ---------------------------------------------------------------------------------------------------- 02:00:15 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 02:00:18 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 02:20:05 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 02:20:13 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 03:36:18 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 03:48:56 68.37.45.32 tcp/80 | http | bgp451388bgs.avenel01.nj.comcast.net 03:48:59 68.37.45.32 tcp/80 | http | bgp451388bgs.avenel01.nj.comcast.net 04:13:55 216.78.162.122 tcp/6346 | = none = | adsl-78-162-122.gnv.bellsouth.net 04:13:57 216.78.162.122 tcp/6346 | = none = | adsl-78-162-122.gnv.bellsouth.net 04:14:04 216.78.162.122 tcp/6346 | = none = | adsl-78-162-122.gnv.bellsouth.net 05:02:55 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 05:35:49 68.82.99.2 tcp/80 | http | pcp01519057pcs.reding01.pa.comcast.net 07:27:33 68.50.245.233 tcp/80 | http | pcp01636615pcs.anaprd01.md.comcast.net 08:39:19 208.176.5.253 tcp/21 | ftp | w253.z208176005.sjc-ca.dsl.cnc.net 08:39:22 208.176.5.253 tcp/21 | ftp | w253.z208176005.sjc-ca.dsl.cnc.net 08:39:28 208.176.5.253 tcp/21 | ftp | w253.z208176005.sjc-ca.dsl.cnc.net 08:39:40 208.176.5.253 tcp/21 | ftp | w253.z208176005.sjc-ca.dsl.cnc.net 09:28:11 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 09:28:14 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 09:35:59 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 09:36:02 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 10:19:03 143.48.1.1 tcp/113 | auth | phage.cshl.org 10:19:06 143.48.1.1 tcp/113 | auth | phage.cshl.org 11:52:53 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 11:52:56 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 12:31:15 142.59.92.160 tcp/111 | sunrpc | Host not found: 3(NXDOMAIN) 12:51:03 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 12:51:06 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 12:51:12 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 12:51:24 134.102.206.163 tcp/113 | auth | kbs21.informatik.uni-bremen.de 13:52:03 68.82.193.173 tcp/80 | http | pcp01489673pcs.limstn01.de.comcast.net 13:52:06 68.82.193.173 tcp/80 | http | pcp01489673pcs.limstn01.de.comcast.net 15:07:46 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 15:07:49 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 15:07:55 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 15:08:07 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 16:16:58 209.81.13.93 tcp/113 | auth | box7.communitycolo.net 16:17:01 209.81.13.93 tcp/113 | auth | box7.communitycolo.net 16:17:07 209.81.13.93 tcp/113 | auth | box7.communitycolo.net 16:17:19 209.81.13.93 tcp/113 | auth | box7.communitycolo.net 17:40:31 208.18.75.35 tcp/80 | http | 208-18-75-35.usd266.com 17:40:34 208.18.75.35 tcp/80 | http | 208-18-75-35.usd266.com 18:09:57 200.206.165.56 tcp/22 | ssh | 200-206-165-56.dsl.telesp.net.br 18:10:00 200.206.165.56 tcp/22 | ssh | 200-206-165-56.dsl.telesp.net.br 18:10:06 200.206.165.56 tcp/22 | ssh | 200-206-165-56.dsl.telesp.net.br 19:21:44 67.81.10.68 tcp/445 | microsoft-ds | ool-43510a44.dyn.optonline.net 19:21:46 67.81.10.68 tcp/445 | microsoft-ds | ool-43510a44.dyn.optonline.net 19:21:52 67.81.10.68 tcp/445 | microsoft-ds | ool-43510a44.dyn.optonline.net 19:40:19 68.49.69.194 tcp/80 | http | pcp814368pcs.nrockv01.md.comcast.net 19:40:22 68.49.69.194 tcp/80 | http | pcp814368pcs.nrockv01.md.comcast.net 20:30:59 64.246.42.97 tcp/111 | sunrpc | Host not found: 3(NXDOMAIN) 21:59:59 68.49.161.8 tcp/80 | http | pcp732113pcs.arlngt01.va.comcast.net 22:00:02 68.49.161.8 tcp/80 | http | pcp732113pcs.arlngt01.va.comcast.net 00:35:31 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 00:35:33 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 00:35:39 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 00:35:51 209.131.227.242 tcp/113 | auth | sendak.openprojects.net. domain name pointer 00:59:48 68.50.86.73 tcp/80 | http | pcp697528pcs.lvngst01.md.comcast.net 00:59:51 68.50.86.73 tcp/80 | http | pcp697528pcs.lvngst01.md.comcast.net 02:46:44 68.63.203.215 tcp/80 | http | pcp01308330pcs.orovly01.az.comcast.net 05:07:10 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 05:07:13 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 05:28:10 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 05:28:13 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 06:49:29 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 06:49:32 68.82.244.101 tcp/80 | http | pcp01467684pcs.mchncb01.pa.comcast.net 07:56:46 202.183.164.200 tcp/21 | ftp | dial-8.ras-1.nyk.c.cscoms.com 07:56:49 202.183.164.200 tcp/21 | ftp | dial-8.ras-1.nyk.c.cscoms.com 10:37:12 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 10:37:15 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 10:37:21 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 10:37:33 66.220.21.23 tcp/113 | auth | Host not found: 2(SERVFAIL) 10:37:38 205.252.46.98 tcp/113 | auth | babble-on.systems.cais.net 10:37:41 205.252.46.98 tcp/113 | auth | babble-on.systems.cais.net 10:37:47 205.252.46.98 tcp/113 | auth | babble-on.systems.cais.net 10:37:59 205.252.46.98 tcp/113 | auth | babble-on.systems.cais.net 10:38:23 205.252.46.98 tcp/113 | auth | babble-on.systems.cais.net 10:38:40 193.109.122.5 tcp/23 | telnet | proxyscan.undernet.org 10:38:43 193.109.122.5 tcp/23 | telnet | proxyscan.undernet.org 10:38:46 193.109.122.5 tcp/23 | telnet | proxyscan.undernet.org 10:38:49 193.109.122.5 tcp/23 | telnet | proxyscan.undernet.org 10:38:52 193.109.122.5 tcp/23 | telnet | proxyscan.undernet.org 10:38:55 193.109.122.5 tcp/23 | telnet | proxyscan.undernet.org 10:39:01 193.109.122.5 tcp/23 | telnet | proxyscan.undernet.org 10:39:54 193.109.122.5 tcp/3128 | squid | proxyscan.undernet.org 10:39:57 193.109.122.5 tcp/3128 | squid | proxyscan.undernet.org 10:40:00 193.109.122.5 tcp/3128 | squid | proxyscan.undernet.org 10:40:03 193.109.122.5 tcp/3128 | squid | proxyscan.undernet.org 10:40:06 193.109.122.5 tcp/3128 | squid | proxyscan.undernet.org 10:40:09 193.109.122.5 tcp/3128 | squid | proxyscan.undernet.org 10:40:15 193.109.122.5 tcp/3128 | squid | proxyscan.undernet.org 10:40:18 193.109.122.5 tcp/80 | http | proxyscan.undernet.org 10:40:21 193.109.122.5 tcp/80 | http | proxyscan.undernet.org 10:40:24 193.109.122.5 tcp/80 | http | proxyscan.undernet.org 10:40:27 193.109.122.5 tcp/80 | http | proxyscan.undernet.org 10:40:30 193.109.122.5 tcp/80 | http | proxyscan.undernet.org