Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Logging DOS, scan activity in a PIX?

I need to gather the following information from a PIX log.

•machine scanning—scanning a network to see the machines it contains

•port scanning—scanning the ports on a machine to see the running services

•port overuse—the abuse of a service offered by a particular machine

•too many accepts, rejects or drops— for instance, users receiving persistent denials of service

•oversized data transfers— for instance, excessively large FTP transfers

what do I need to set on the PIX to send this information to logging server.

Ive read that I can do this using cisco info center, but only with SUN?

can I do this using linux? is there a way to implement this on linux?

Please help.


Re: Logging DOS, scan activity in a PIX?

This chapter lists the PIX Firewall system log messages. The messages are listed numerically by message code.

The messages shown in this guide only apply to PIX Firewall version 5.3 and later. When a number is skipped from a sequence, for example, 106004 or 110001, the message is no longer in the PIX Firewall code.