Re: Attacks and Logs
From: Maxx Pollare (notmaxxpollare@deadspam.com)Date: 08/02/02
- Next message: phoenix: "Re: Router and software firewall."
- Previous message: Lassi Hippeläinen: "Re: Relationship SSH <-> VPN ??"
- In reply to: Jean-Daniel Mālet: "Attacks and Logs"
- Next in thread: steve harris: "Re: Attacks and Logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Maxx Pollare <notmaxxpollare@deadspam.com> Date: 2 Aug 2002 14:15:58 GMT
"Jean-Daniel Mālet" wrote in the message
<news:aie2c4$eqr$1@wanadoo.fr>
[compacted]
> Hi!! Is it possible, by finely scannings the firewall's logs
> (or others methods), to detect an attack that the firewall has
> not detected himself? I dont need any details, I just want to
> know if it's possible.
That depends on the program/router/Nat & the logs...
If the log is just a record of "net traffic", finding a missed attack is
a pointless process. Your more likely to find more false positives then
actual attacks. Just achieve the files for later use & trust that the
firewall knows what it's doing.
(It's tough to do, I should know....)
-- Maxxwell C.G. Pollare - Insomnia is my drug of choice...Spamail: maxxpollare@hotmail.com
- Next message: phoenix: "Re: Router and software firewall."
- Previous message: Lassi Hippeläinen: "Re: Relationship SSH <-> VPN ??"
- In reply to: Jean-Daniel Mālet: "Attacks and Logs"
- Next in thread: steve harris: "Re: Attacks and Logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
