Hi, You must review all the logs that you have because of the follwing:
- The IDS does not include all the possible vulnerabilities (there may be new ones). - You can find more information from the fw log file.It can guide you to the specific location that the intruder is interested in. - The FW log file contains the errors and any other malicious actions that can affect your FW itself. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Mon, October 15, 2001 9:04 AM To: [EMAIL PROTECTED] Subject: IDS logs vs FW1 logs In regards to external connections and access log montitoring, what/would there be a reason to monitor your FW logs if you already have an IDS and logging in place on that system?? Regards, Nic
