PIX messages, which usually go to the console, can be collected if the messages are sent to a device running a syslog daemon (syslogd). These messages can provide information on the site visited by an inside host or workstation because the IP address of the website is logged.
The PIX cannot be configured to send the Domain Name System (DNS) to the syslog server of a website in the syslog messages instead of the IP address.
To monitor traffic that passes through the PIX, use syslog messages logged to a syslog server or PIX Device Manager (PDM).
For information on how to configure the PIX to send syslog messages to a server or to the console, refer to these documents:
Hi All, I am working on Cisco FTD which are managed by FMC. I ahve conifgured the DNS group: I did an nslookup from the firewall but the firewall doesnt seem to resolve google.comI ahve route pointing towards the inside interface for 10.0....
Attackers will always target the "low hanging fruit": devices that have passed end-of-software maintenance and end-of-support. A few years ago, Cisco described the evolution of attacks against infrastructure devices. All of the attacks discussed in t...