[mattob]

Hi All

I am reviewing the logs in our companies firewall. I am fairly new to the firewall environment and would like to ask some questions.

My analysis of the logs leads every time to the boring output of standard dropped and accepted packets.

I am now willing to learn more about firewalls and log analysis. Therefore I would like to know are there any techniques of analyzing logs for more sophisticated attacks / leaks.

Does anybody know any resources about this?

Thanks

mattob