Educause Security Discussion mailing list archives
Re: Cisco Pix firewall question
From: "Di Fabio, Andrea" <adifabio () NSU EDU>
Date: Fri, 7 Aug 2009 14:45:08 -0400
I believe the following table still applies: System unusable 0 Immediate action required 1 Critical condition 2 Error conditions 3 Warning conditions 4 Normal but significant conditions 5 Informational messages 6 Debugging messages 7 Configurations fall under 5 and authentication under 6, %PIX-6-113004: AAA user authentication Successful : server = 10.1.1.1 : user = joe %PIX-5-111008: User 'joe' executed the 'configure terminal' command. %PIX-5-111008: User 'joe' executed the 'no shun 10.3.3.3' command Also, DENY falls under 4 and Built and Teardown connections under 6. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S Malwade Sent: Friday, August 07, 2009 1:36 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Cisco Pix firewall question Is anyone familiar as to what logging level is associated with changes ( add,modify,delete ) to the Firewall rules within PIX ? We essentially want to capture a minimum of this level via syslog redirection. Thanks, Anand
Attachment:
smime.p7s
Description:
Current thread:
- Cisco Pix firewall question Anand S Malwade (Aug 07)
- <Possible follow-ups>
- Re: Cisco Pix firewall question Kevin Hayes (Aug 07)
- Re: Cisco Pix firewall question Di Fabio, Andrea (Aug 07)