mutec1
asked on
How to read a firewall log
Can you provide an example on how to read a firewall log.
ASKER
Its a pix firewall and I'd like to understand some the terms to see if the firewall is secure or not. What has been permitted to pass or what is being denied. If you have an example it would be great.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a008051a0cc.html#wp1055938
Would the above help?
Cheers,
Rajesh
Would the above help?
Cheers,
Rajesh
ASKER
I'm going to be looking at a configuration file, as the user will not let me have a copy of the firewall rules. I want to make sure I can understand what I am seeing. Would you be able to post a pix configuration file and go over some basics.
Thanks
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It depends on which firewall you have hardware or software?
*Here is for windows firewall
http://technet2.microsoft.com/WindowsServer/en/library/00fb7df9-e11b-498a-a979-e2b37a6e2ff31033.mspx?mfr=true
*For PIX firewall, enable logging by logging enable and use a syslog server and point that syslog server with following command
logging host inside ipaddress (or dmz)