Firewall Wizards mailing list archives
Re: Reading firewall logs
From: "Talisker" <Talisker () technologist com>
Date: Mon, 1 May 2000 14:53:22 +0100
Alex I've been looking at CMDS from ods.com (now intrusion.com) my first impressions are good, I know it accepts logs from Cisco routers and FW-1 as well as NT and Solaris. I haven't tried it on the former yet. Might I suggest you download an eval and give it a whirl. If you do let me know your feelings on the product. I have a bit more info on my website at www.internations.net/uk/talisker look for Host based IDS, it's in there, though please bear in mind that the info is from the vendor from before I started looking at it. The opinions contained within this transmission are entirely my own, and do not necessarily reflect those of my employer. ----- Original Message ----- From: Alex Lim <mwlalex () magix com sg> To: fwz <firewall-wizards () nfr net> Sent: Wednesday, April 26, 2000 4:21 AM Subject: [fw-wiz] Reading firewall logs
Hi, I am hoping to hear some enlightening comments on reading firewall logs. I am curious if people are actually doing it or is there some kind of tools that we can buy off the shelf. I dun think it's productive or efficient to ask an employee to spend a few hours reading the logs just to look out for anomalies. Anyone care to comment ? BTW I am referring to the Checkpoint FW-1 logs. TIA Alex Lim
Current thread:
- Re: Reading firewall logs Talisker (May 05)
- <Possible follow-ups>
- Re: Reading firewall logs Alex Lim (May 05)
- Re: Reading firewall logs ark (May 05)
- RE: Reading firewall logs SIU Credit Union IS Dept (May 05)
- Re: Reading firewall logs Bill_Royds (May 12)