Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Reporting firewall logs SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Reporting firewall logs

We got a couple of users forwarding firewall logs to the handlers\at/sans.org e-mail address. While we appreciate logs, malware and other reports like it, please don't send automated log reports to handlers\at/sans.org. If you send logs, include some detail why you consider them unusual.

Please use DShield for automated log reporting (see http://www.dshield.org/howto.html ). Our handlers have access to the DShield database and regularly check it for unusual activity.

Thanks!

 

Johannes

3904 Posts
ISC Handler
Jul 17th 2007

Sign Up for Free or Log In to start participating in the conversation!