[unisog] sample NAT logs and analysis tools (OBSD- fp)
r.fulton at auckland.ac.nz
Thu Apr 28 00:15:46 GMT 2005
I am shortly going to have to set up NAT on our residences firewall, and
one of the things I am going to deal with is storage of NAT logs so we
can trace nefarious traffic after the fact.

I am still in the planning phase and I would be grateful if someone
could forward me some sample NAT logs from pf so I can see what I am

On a more general note, how do people deal with the problem of tracing
traffic through NATted gateways? Are there any tools available?

One of the things that I am considering is to not bother with the NAT
logs at all but instead run Argus <www.qosient.com> on the inside
interface of the firewall.

Russell Fulton, Information Security Officer, The University of Auckland