Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX 501 Logging

I would like to log hacking and intrusion attacks via a PIX 501 with a broadband connection into a home office setup. I have the device up and running and I'm currently setup with the Kiwi Syslog Dameon. What would be my best approach to logging all pertinent information with out loading down the device? Any suggestions / tricks would be appreciated.

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: PIX 501 Logging

This is a common logging setup I use:

logging on

logging timestamp

logging trap informational

logging host inside x.x.x.x

no logging message 106015

no logging message 106007

no logging message 105003

no logging message 105004

no logging message 309002

no logging message 305012

no logging message 305011

no logging message 303002

no logging message 111008

no logging message 302015

no logging message 302014

no logging message 302013

no logging message 304001

no logging message 111005

no logging message 609002

no logging message 609001

no logging message 302016

I generally don't enable logging buffer (never use logging console as it will affect performance) as it doesn't timestamp the messages (it only timestamps to the syslog). But the PIX won't get loaded down with the load, you and Kiwi will before the PIX does.

Also enable the IDS feature on the PIX.

Hope it helps.

Steve

1 REPLY

Re: PIX 501 Logging

This is a common logging setup I use:

logging on

logging timestamp

logging trap informational

logging host inside x.x.x.x

no logging message 106015

no logging message 106007

no logging message 105003

no logging message 105004

no logging message 309002

no logging message 305012

no logging message 305011

no logging message 303002

no logging message 111008

no logging message 302015

no logging message 302014

no logging message 302013

no logging message 304001

no logging message 111005

no logging message 609002

no logging message 609001

no logging message 302016

I generally don't enable logging buffer (never use logging console as it will affect performance) as it doesn't timestamp the messages (it only timestamps to the syslog). But the PIX won't get loaded down with the load, you and Kiwi will before the PIX does.

Also enable the IDS feature on the PIX.

Hope it helps.

Steve

893
Views
0
Helpful
1
Replies
CreatePlease to create content