Try
www.phoneboy.com
(good explanations of ICMP drops and "reason: unknown established TCP
packet" in the FAQs)
http://www.robertgraham.com/pubs/firewall-seen.html
General explanation of reading logs
http://www.enteract.com/~lspitz/logger.html
Lance Spitzner has some interesting methods for manipulating the logs
Ken Butler, Mgr. Network Services
Liberty Bank
Voice (860) 638-2951
Fax (860)343-7468
-----Original Message-----
From: Geoffrey Cheng [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 13, 2001 12:04 PM
To: [EMAIL PROTECTED]
Subject: [FW-1] Check Point Firewall-1 Log analysis
Hi all,
Currently I am working on a project that requires me to look into details
of the log generated from FW-1, is there any useful document or guideline
which could explain most of the error/block/reject messages displayed
in the last column of the log view?
Thanks,
Geoffrey
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
________________________________________________
The information transmitted is intended only for the person
or entity to which it is addressed and may contain confidential
and/or privileged material. If you are not the intended
recipient of this message you are hereby notified that any use,
review, retransmission, dissemination, distribution, reproduction
or any action taken in reliance upon this message is prohibited.
If you received this in error, please contact the sender and
delete the material from any computer. Any views expressed
in this message are those of the individual sender and may
not necessarily reflect the views of the company.
________________________________________________
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
