Firewall Wizards mailing list archives
Re: FW: Log Analysis tools list
From: Lance Spitzner <spitzner () dimension net>
Date: Fri, 30 Jul 1999 10:38:47 -0400 (EDT)
On Wed, 28 Jul 1999, Safier, Adam (GEIS) wrote:
Can anyone provide a list or point me to a site that lists commercial (not freeware) Firewall Log Analysis tools for FW-1, Pix, and CISCO IOS?
I've just updated a goody you may be interested in, for FW-1. It's a script that works with FW-1 alert functions. It detects when your systems are being probed, alerts you, emails the admin of the remote system (optional), and can even automatically block the probing source. I've just put up the latest version; the code is much cleaner and easier to read. You can also add your own modules/functions to this. More at: http://www.enteract.com/~lspitz/intrusion.html
Here is what I got on an Altavista search.

Long list of tools for tracking web and other activity. No firewall tools I recognize.
http://www.egd.igd.fhg.de/~sandberg/loganalysis.html

The following has eval reports on 2 products:
http://www.cs.purdue.edu/coast/projects/tooleval/docs/firewall.html
Firewatch (Belcore)
Telemate.Net for Windows NT http://www.telemate.net

And a review of firewall mailing lists:
Not for FW-1 - http://www.psionic.com/abacus/abacus_logcheck.html
WebTrends, HitList, Telemate, XaCCT

Whatever happened to Haystack? Tools such as Netcool seem to be missing from my searches.

Thanks,
Adam
Lance Spitzner
http://www.enteract.com/~lspitz/papers.html
Internetworking & Security Engineer
Dimension Enterprises Inc