On Tue, 6 Jan 2004, Mohit Kumar wrote:

> I am currently trying to develop a parser/monitoring app for the Checkpoint
> firewall. What I am getting is a set of checkpoint log files which are in
> binary format.

this is as good a time as any for me to post my long document on firewall logging to the list. it's not terribly easy to follow -- i've started out by putting everything i know or have been able to collect into a single document, with the intention of making it a little easier to read and navigate as time goes on. the whole thing is at

http://www.precision-guesswork.com/sage-guide/firewall-logging.html

information on getting FW-1 to send network connection logs to a text file, as well as how to capture administrative changes, is available at

http://www.precision-guesswork.com/sage-guide/firewall-logging.html#fw1

(at least for unix boxen).

it is >>>so<< first-drafty that you probably want to wear a sweater while you're reading it -- please send comments. please also if you have doc or suggestions for firewalls that are not yet listed in this guide, send them along!

cheers -- tbird

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Mon Jan 05 2004 - 22:30:29 PST