[Dshield] Windows XP Pro Firewall Logs
Johannes B. Ullrich
jullrich at euclidian.com
Thu Oct 18 17:36:00 GMT 2001
-----BEGIN PGP SIGNED MESSAGE-----
A full week ahead of the official launch of Windows XP, we got a client
ready to submit Windows XP Pro firewall logs. The logging in Windows XP
Pro is actually not bad. However, the firewall feature is a bit hidden, so
we setup an instruction page that will show you how to enable it:
Before you ask: The firewall in XP works, but is basic. You can only
filter incoming connections, and you will not see any alert boxes pop up.
But the log is pretty good and details (with flags, tcp sequence numbers
and such). I think you need the 'pro' version to get the firewall. Please
correct me if this is not true. If you have it, enable it...
Thanks to Wayne for getting the parser ready so quickly.
jullrich at sans.org Join http://www.DShield.org
Distributed Intrusion Detection System
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the list