For the life of me I cannot figure out how to view the log files sent to the sensor when "ip log" is set for the action on the signatures. I know where they are on the sensor, but they are raw data files. How do you read these? I am assuming they are similar to a sniffer trace with all the packet info in them. I tried FTP'ing them and opening them with Sniffer Pro, but that didn't work. Can someone point me in the right direction?
Thanks. BTW, it's www.ethereal.com; .org was some tarot card place! LOL. I'm running 3.0(4)s4 on the sensor already. You said it's in tcpdump format; how do I view those? Again, it appears to be raw data. I tried Sniffer Pro, and it didn't work. I'll try Ethereal today if I get a chance.
If you received the CD for the upgrade to 3.0 on the sensor, Ethereal comes with it and iplogs can be viewed from the director. You can also put it on a Windows machine. I FTP the files down to my Win2k machine and view them with Ethereal there.