06-13-2006 05:53 AM - edited 02-21-2020 12:57 AM
We have a pix 520 that I dump the syslog to Pix Firewall syslog server for record keeping. Is there a way to analyze the logs to find potential worms that might be talking through workstations to my network.
Thanks
06-13-2006 10:13 PM
Hi
I feel you can use this decoder tool to find out the exact reason and possible solution for known error logs..
http://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi?action=search&locale=en&index=pixos&query=&counter=0&paging=5&links=reference&sa=Submit
Also you can make use of security advisory notices to find out about known worms and the mitigation path..
http://www.cisco.com/en/US/partner/products/products_security_advisories_listing.html
regds
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community