from ZDNet's Smart Business E-Letter....
Subject: Undocumented Tips of the Day
Date: Wed, 11 Apr 2001
"INTERPRET THE DATA ON YOUR FIREWALL REPORT
PROBLEM: As a ZoneAlarm personal firewall user, you've turned on
"unauthorized connection" logging but need a way to easily analyze
and interpret the logged data.
SOLUTION: The free tool ZoneLog Analyser displays and analyzes the
log produced by ZoneAlarm 2.1.10 and later
cgi.zdnet.com.
Double-clicking on any entry brings up a details screen from which
you can get information on domain names or IP addresses. You can
arrange log entries by type, date, time, source, host name, port,
destination, and transport. You can view all entries, or you can
filter by date and time; port (source and destination); address; and
type (group), such as unknown, harmless, attack, DoS, scan, Trojan,
and outgoing. It produces an IP/port analysis report that can be
sorted by IP address, hit count, or host name. It also includes an
Attack Analyzer mode and an Activity Summary graph with statistics
like total hits, most active day, and most active source." |
