Does anyone have a good source for deciphering firewall logs? I'm using a hardware appliance with a linux kernel that works exceptionally well (considering the price) but it would be nice if I could make sense out of the log files! Thanks!

BTW anyone catch the article about ms using Netscreen firewall devices to protect their SQL Labs??? Guess ISA Server doesn't work that gooder with MSSQL!!

That which does not kill me sometimes putz me to sleep......

Here's a basic one...

http://www.robertgraham.com/pubs/firewall-seen.html

Thanks Golden_Eternity! That's helpful. If you have any other links I'd appreciate them. I've been a microsloth engineer for a while which has finally led me to the security path. Go figure! Talk to you soon.

Some of the links may be broken, since I haven't maintained this page for a while, but...

http://www.bhodisoft.com/security_resources.shtml

Thanks again. That's an even bigger help. If only there were more weeks in a day..........



That which does not kill me makes me wonder how my 401k plan is doing....