Christmas Eve packet

[Andrew Hallberg <hallberg () GLOBALCENTER NET>]

This was in the morning logs, nestled amongst dozens of NetBIOS Scans:

src=255.186.255.232 dst=255.187.255.240 service=IP protocol 0 policy=13345
action=Deny duration=1008443392 start_time="2000-12-24 05:43:00"

This get more odd the more I look at it. The firewall this came off of has
real IP's, so the 255 addys are really wierd. The Netscreen has never listed
a "Protocol 0", there are only 30 policies on the FW, and I know for a fact
that it hasn't been up for 32 years. ;) Also the date is off. The FW has the
correct date setting, so it shouldn't be reporting something for next week.

Is this a known Netscreen 100 issue, or is it a malformed packet that
slipped thru the cracks? And if so, could someone give me a clue as to where
this would come from?

Andrew Hallberg
Security TAM
Globalcenter, Inc.