Re: Firewall log example?
Quote:
Originally posted here by Jason1977
Here is just a snippet of my firewall logs from Kiwi sys logger.
My boss wants me reviewing these logs daily. What exactly should I be looking for? What should pop out as a red flag?
What definitely pops up as a red flag is the fact you're posting this information on a public forum for the whole world to enjoy. I don't think your boss would like that.
But a few of the ones I definitely would check out are those outbound IRC connections (port 6667). This could indicate a trojan infection on your network.
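One way to automate the check suggested in the reply above, as an added example that is not part of the original thread: it scans firewall log lines for outbound connections to port 6667 and groups them by internal host. The key=value log layout, the sample lines, and the RFC 1918 definition of "internal" are assumptions, since the poster's actual log format is not shown.

```python
import ipaddress
import re
from collections import defaultdict

IRC_PORT = 6667  # the port named in the reply above
# Assumption: the internal network uses RFC 1918 address space.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
FIELD_RE = re.compile(r"(\w+)=(\S+)")

# Constructed sample lines (hypothetical layout, documentation-range addresses).
SAMPLE_LOG = """\
Mar 03 09:14:02 fw01 action=allow proto=tcp src=192.168.1.23 sport=1042 dst=198.51.100.7 dport=6667
Mar 03 09:14:05 fw01 action=allow proto=tcp src=192.168.1.40 sport=3310 dst=203.0.113.9 dport=80
Mar 03 09:15:11 fw01 action=allow proto=tcp src=192.168.1.23 sport=1043 dst=198.51.100.8 dport=6667
Mar 03 09:15:40 fw01 action=deny proto=tcp src=203.0.113.50 sport=4444 dst=192.168.1.5 dport=6667
Mar 03 09:16:02 fw01 action=allow proto=tcp src=192.168.1.77 sport=2200 dst=192.168.1.10 dport=6667
Mar 03 09:17:30 fw01 action=deny proto=tcp src=192.168.1.51 sport=1500 dst=198.51.100.7 dport=6667
garbled line without fields
"""

def is_internal(ip):
    return any(ip in net for net in INTERNAL)

def outbound_irc(log_text, port=IRC_PORT):
    """Map each internal host to its outbound connections on `port`."""
    hits = defaultdict(lambda: {"allowed": 0, "denied": 0, "dests": set()})
    for line in log_text.splitlines():
        fields = dict(FIELD_RE.findall(line))
        try:
            src = ipaddress.ip_address(fields["src"])
            dst = ipaddress.ip_address(fields["dst"])
            dport = int(fields["dport"])
        except (KeyError, ValueError):
            continue  # skip lines that do not parse
        # Outbound means internal source, external destination.
        if dport != port or not is_internal(src) or is_internal(dst):
            continue
        entry = hits[str(src)]
        entry["allowed" if fields.get("action") == "allow" else "denied"] += 1
        entry["dests"].add(str(dst))
    return dict(hits)

if __name__ == "__main__":
    for host, info in sorted(outbound_irc(SAMPLE_LOG).items()):
        print(host, info["allowed"], info["denied"], sorted(info["dests"]))
```

A host with allowed connections to several different destinations on this port is the one to investigate first; denied attempts still show which machine is trying.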