When TCP/IP end system security is enabled and running, all rule violations are securely logged; they are not reported on the system console. Each rule violation is logged with a TCPIP security report that contains a denial access report explaining why the request is denied. The denial access report lists the request parameters and the denial reasons. The denial reasons could be any of the following:

ACCESS TO WELL KNOWN PORT RESTRICTED
ACCESS DENIED BY NO MATCHING ALLOW RULE FOUND
ACCESS DENIED BY DENY RULE <deny rules>

Refer to the Networking Reports and Log Messages Help for details on this log report syntax including a complete list of the <deny rules>.

The security administrator should review logged TCP/IP security reports on a regular basis. Refer to the MCP Security Overview and Implementation Guide for information on establishing an effective site security program.