[Dshield] submit firewall logs

Kevin Whelan Kevin at mfs-group.co.uk
Thu May 23 16:53:16 GMT 2002

I have been trying to find for a while if there is an easy way to submit
ISA logs.  Does anyone know of any ways of doing this.

Thanking you in advance

Kevin Whelan
IT Manager
235 The Broadway
SW19 1SD
Tel.   020 8543 6244
Fax.   020 8545 5377
This e-mail message and any attachment may contain confidential
information intended for the addressee(s) only. 

If you are not a named recipient or if you have received it in error,
please e-mail the sender or telephone 020 8543 6244 and then delete the
message from your system.  You should not read, use, copy, forward or
disclose the contents to anyone else.

Unless the content of this e-mail has been approved by MFS IFA, any
views or opinions expressed are those of the sender and do not
necessarily represent those of the company.

As the internet is capable of corrupting data, and as e-mails can be
intercepted, MFS will accept no responsibility for any loss of data, or
damage caused if this email or any attachments contain a virus.

-----Original Message-----
From: melvin smith [mailto:Foxtail at emailaccount.com] 
Sent: 23 May 2002 07:14
To: /
Subject: [Dshield] submit firewall logs

I've been trying for a long time to figure out
how to submit firewall logs to dshield.
I have win98se, Opera 6.01 Browser and 
zone alarm pro. What am I supposed to put 
in the subject line?? I have no problem
with the time zone except where to put it.

The instructions are for all kind 
of obscure firewall programs such as sonicwall
and raptor, but nothing about zone alarm.
Somebody please take the time to post the
procedure please, I'm sure others have come 
to this roadblock after going thru the sign
up process.  Thanks.     Mel.

How to send firewall logs to DShield as email

Report submissions are accepted via e-mail. The email has to be sent to
'reports at dshield.org'. Please submit at least once a day, if possible,
but no more often than once an hour. 

The subject line of the email should identify the format and the UserID
(if known.) Please use one of the following formats:

Subject: FORMAT IPCHAINS USERID 12345  TZ -05:00 [Clientname Version #]
Linux 2.2.x Kernel format (ipchains)

Subject: FORMAT IPTABLES USERID 12345  TZ -05:00 [Clientname Version #]
Linux 2.4.x Kernel format (iptables)

Subject: FORMAT SONICWALL USERID 12345  TZ -05:00 [Clientname Version #]
SonicWall format as created by the SonicWall firewall

Subject: FORMAT RAPTOR USERID 12345  TZ -05:00 [Clientname Version #]
Raptor format as created by the Raptor firewall

Subject: FORMAT DSHIELD USERID 12345  TZ -05:00 [Clientname Version #]
DShield format

DShield is the preferred format. 

(12345 is the UserID in this case. Please substitute your own UserID.)
TZ -05:00 would be for EST (Eastern Standard Time) Please put in your
own time zone. Determine your time zone from this list: 

(Optional) ClientName Version # should be the name of the client program
and its version number. This is optional, but, if included, this helps
us to debug any problems. Do not include the [] brace characters--they
are to indicate that this is optional. 

A free email account your friends will never forget!
Get YOURNAME at EmailAccount.com  at http://www.emailaccount.com/

Promote your group and strengthen ties to your members with
email at yourgroup.org by Everyone.net  http://www.everyone.net/?btn=tag

Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list