Hi,
Thats not what I'm after ...... the ports and IP's etc are no problem. Lets say I have a anonomous ftp connection, instead of seeing only disallowed packets (all packets except ftp) I would like to see the allowed packets to that server as well (which would be the ftp in this case), in order to see who is connecting.
Cheers
Mark
-----Original Message-----
From: Daniel Crichton [mailto:[EMAIL PROTECTED]]
Sent: 12 December 2001 12:44
To: Johnston Mark
Cc: [EMAIL PROTECTED]
Subject: Re: Pix FW
On 12 Dec 2001 at 11:36, Johnston Mark wrote:
> This is for those of you who work with a Pix firewall ....
> Is there a way that I can get the pix to log packets that are excepted ?
You can log the IPs and ports, this is part of the syslog handling. If you
want to log the actual packet contents you would need to run something
like snort on each interface using rules that match your PIX conduits/acls
for incoming connections. The PIX itself doesn't (AFAIK, I'm using v5)
allow logging of the actual packet contents.
Dan
---
D.C. Crichton email: [EMAIL PROTECTED]
Senior Systems Analyst tel: +44 (0)121 706 6000
Computer Manuals Ltd. fax: +44 (0)121 606 0477
Computer book info on the web:
http://computer-manuals.co.uk/
Want to earn money? Join our affiliate network!
http://computer-manuals.co.uk/affiliate/
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
