security? help i have no clue

[graver]

I know this is a stupid question but I inherited a BM 3.5 enterprise edition firewall...where are the log files i need to look at to see if this thing is getting hacked....I should probably know this...and what are some common exploits to look for? Also, how do i turn on logging if it is not on already?

Tamra Graver --CNA
*************************************
It is my job to comfort the disturbed
and disturb the comfortable..........

 

[Provogeek]

Logging is not enable by default.

BM is a nice multifunction firewall, but it's not the greatest thing out there. The logs you want are the packet filter logs, should be located in SYS:ETC.

You use the utility FILTCFG to configure the filters. This tool is also the place you can enable logging. Remember, the logging will suck up drive space and consume resources, basicly slow your server down. Only enable it when you need to. This TID might add more info;

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10077314.htm

I haven't had any hacks on my BM servers, so not sure what the exploits are, haven't hearn any news on exploits either.

Brent Schmidt CNE,Network +
Senior Network Engineer
Keep IT Simple

http://www.kiscc.com