10-23-2002 11:31 AM - edited 02-20-2020 10:19 PM
I would like to log hacking and intrusion attacks via a PIX 501 with a broadband connection into a home office setup. I have the device up and running and I'm currently setup with the Kiwi Syslog Dameon. What would be my best approach to logging all pertinent information with out loading down the device? Any suggestions / tricks would be appreciated.
Thanks
Solved! Go to Solution.
10-23-2002 12:00 PM
This is a common logging setup I use:
logging on
logging timestamp
logging trap informational
logging host inside x.x.x.x
no logging message 106015
no logging message 106007
no logging message 105003
no logging message 105004
no logging message 309002
no logging message 305012
no logging message 305011
no logging message 303002
no logging message 111008
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 304001
no logging message 111005
no logging message 609002
no logging message 609001
no logging message 302016
I generally don't enable logging buffer (never use logging console as it will affect performance) as it doesn't timestamp the messages (it only timestamps to the syslog). But the PIX won't get loaded down with the load, you and Kiwi will before the PIX does.
Also enable the IDS feature on the PIX.
Hope it helps.
Steve
10-23-2002 12:00 PM
This is a common logging setup I use:
logging on
logging timestamp
logging trap informational
logging host inside x.x.x.x
no logging message 106015
no logging message 106007
no logging message 105003
no logging message 105004
no logging message 309002
no logging message 305012
no logging message 305011
no logging message 303002
no logging message 111008
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 304001
no logging message 111005
no logging message 609002
no logging message 609001
no logging message 302016
I generally don't enable logging buffer (never use logging console as it will affect performance) as it doesn't timestamp the messages (it only timestamps to the syslog). But the PIX won't get loaded down with the load, you and Kiwi will before the PIX does.
Also enable the IDS feature on the PIX.
Hope it helps.
Steve
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: