Logs allow you to understand what is going on with your firewall under the surface. Learn where your firewall logs are located, which ones hold what information, and what to do with them.
- [Lecturer] When reading the logs … to troubleshooting your firewall, you're going to run into … a bunch of acronyms that you won't understand at first. … So these are TCP control flags, and they indicate how data … should be handled in routing so it can be useful … for you to know what they mean. … That way when you encounter them … you'll have a better insight into what may be happening. … Let's take a look at a few and see what they mean. … First is CWR, which refers to congestion window reduced. … It's a flag set by the sending host to indicate … that it received a TCP segment it was supposed to echo. … You'll see CWR referenced when the network … is congested enough to risk dropping packets. … This only works at the end if all of the equipment … in the chain of communication can handle … explicit congestion notification. … The next one is ECE, or ECN-Echo, … which refers to the echo referenced by the CWR flag above. … It just indicates that the TCP peer is Echo capable. … URG references the urgent pointer field in a TCP packet, …
Author
Sean Colins
Released
8/14/2019- Designing your network
- Creating firewall schedules and rules
- Setting up a virtual IP
- Using aliases to group hosts
- Preventing local traffic from exiting to the internet
- Using Snort and other intrusion detection systems
- Prioritizing VoIP traffic
- Blocking access to specific websites
- Troubleshooting gaming performance issues
- Interpreting TCP flag definitions
Skill Level Beginner
Duration
Views
-
Introduction
-
Why do you need a firewall?2m 51s
-
Types of firewalls4m 14s
-
What it won't do2m 36s
-
Plan for your firewall3m 14s
-
Design your network2m 35s
-
Document your design2m 59s
-
1. Basic Firewall Configuration
-
Understand protocols2m 47s
-
Initial setup5m 27s
-
Create firewall schedules2m 24s
-
Create firewall rules4m 57s
-
Create floating rules2m 35s
-
2. Advanced Firewall Configuration
-
Use ports in aliases4m 58s
-
Traffic shaping3m 11s
-
3. Configuration Case Studies
-
Prioritizing VOIP traffic6m 35s
-
Blocking access to websites4m 14s
-
Intrusion protection basics7m 47s
-
Understand proxies and SSL4m 24s
-
-
4. Troubleshooting
-
Firewall command-line access5m 35s
-
-
Conclusion
-
Next steps1m 7s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Read logs and interpret TCP flag definitions