Solved

How to read a firewall log

Posted on 2007-04-10
6
416 Views
Last Modified: 2010-04-09
Can you provide an example on how to read a firewall log.
0
Comment
Question by:mutec1
  • 2
  • 2
  • 2
6 Comments
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 18889915
             Hi mutec1
                  It depends on which firewall you have hardware or software?
               *Here is for windows firewall
http://technet2.microsoft.com/WindowsServer/en/library/00fb7df9-e11b-498a-a979-e2b37a6e2ff31033.mspx?mfr=true
              *For PIX firewall, enable logging by logging enable and use a syslog server and point that syslog server with following command
               logging host inside ipaddress    (or dmz)
         
0
 

Author Comment

by:mutec1
ID: 18890496
Its a pix firewall and I'd like to understand some the terms to see if the firewall is secure or not.  What has been permitted to pass or what is being denied.  If you have an example it would be great.
0
 
LVL 29

Assisted Solution

by:Alan Huseyin Kayahan
Alan Huseyin Kayahan earned 200 total points
ID: 18891012
               
                *If you use PDM or ASDM interface for PIX, then you may see logs in PDM/ASDM window, when you enable logging as i mentioned above.
                *Here is a detailed article for PIX logging http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=2&rl=1
                *Below is a connection attempt log from one side to other denied by ACL.
%PIX-3-710003 {TCP | UDP} access denied by ACL from source_address/source_port to interface_name: dest_address/service
               *Here are more log messages http://safari.peachpit.com/1587051583/app02lev1sec3

Regards
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 32

Expert Comment

by:rsivanandan
ID: 18891033
0
 

Author Comment

by:mutec1
ID: 18891220
I'm going to be looking at a configuration file, as the user will not let me have a copy of the firewall rules. I want to make sure I can understand what I am seeing.  Would you be able to post a pix configuration file and go over some basics.

Thanks
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 300 total points
ID: 18894956
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

The link above will show you various configuration samples, now what kind of environment is that you're looking at is something that I would not know.

Cheers,
Rajesh
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port forwarding 14 173
need rec's for prioritizing bandwidth for new voip system 12 90
Separate Credit Card Machines for PCI Compliance 4 99
Calyptix AE1200 VLAN Question 3 64
I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question