Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: [logs] SIM Analysis of Firewall Logs
Sep 27 2007 06:45PM
Ron Gula (rgula tenablesecurity com)
Several comments ....
Firewalls log more than just accepts and denies and configuration
changes. A lot of them will log DOS attacks, port scans, VPN session
starts and so on. If your SIM can pull those types of logs out, they are
useful as well.
Focusing on accepts and denies is interesting for tr...
[ more ]
Copyright 2010, SecurityFocus