Anyone have any experience with the Phoenix Adaptive Firewall? It was bought out by Cobalt, then Sun bought Cobalt. Sun is still selling the boxes. The logs it produces are proprietary in nature and the documentation is minimal, at best. I've gone through the tech support/professional services offered by the company, and they don't have the answer to my questions either. Question: Anyone out there have a program/script that can interpret the logs? I'd be willing to pay for it if need be. Below is a small excerpt from one: (The I.P. addresses are real, and I don't care if you see them, they're public anyway) 12/26-23:59:36 eth1:: 3/3/icmp 207.238.224.214 -> 64.111.42.192 88 !pass (527) 12/26-23:59:39 eth1:: tcp 207.238.224.214/80 <- 64.111.42.192/2273 40 !pass (527) 12/26-23:59:39 eth1:: 3/3/icmp 207.238.224.214 -> 64.111.42.192 88 !pass (527) 12/26-23:59:40 eth1:: udp 207.238.224.214/80 <- 207.238.224.213/53 64 !pass (517) 12/26-23:59:40 eth1:: 3/3/icmp 207.238.224.214 -> 207.238.224.213 112 !pass (527) 12/26-23:59:40 eth1:: udp 207.238.224.214/80 <- 207.238.224.213/53 64 !pass (517) 12/26-23:59:40 eth1:: 3/3/icmp 207.238.224.214 -> 207.238.224.213 112 !pass (527) 12/26-23:59:40 eth1:: udp 207.238.224.214/80 <- 207.238.224.213/53 64 !pass (517) 12/26-23:59:40 eth1:: 3/3/icmp 207.238.224.214 -> 207.238.224.213 112 !pass (527) 12/26-23:59:45 eth1:: tcp 207.238.224.214/25 <- 216.33.156.139/64977 60 syn !pass (492) 12/26-23:59:45 eth1:: 3/3/icmp 207.238.224.214 -> 216.33.156.139 108 !pass (527) 12/26-23:59:45 eth1:: tcp 207.238.224.214/80 <- 64.111.42.192/2274 40 !pass (527) Any help anyone can give would be greatly appreciated. Thanks, Michael Sorbera Webmaster Randolph-Brooks Federal Credit Union - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
