king232000 Posted May 27, 2011 Posted May 27, 2011 hello ill try to explain my problem i have a dedicated server with windows 2008 and i activated the firewall and also logs for all profiles but when i open my .log file after a ddos attack like UDP flood / TCP flood / distributed dns DOS ... etc i have no logs at all about this event. before i had a server using windows 2003 server and after any flood attack i can see the attack logs and block the ips / subnet of attacker (when it's possible using the ip security policies) i mean the windows 2008 firewall is not logging all the connections like the 2003's firewall. any idea ? thank you in advance peace Quote
ICTCity Posted May 27, 2011 Posted May 27, 2011 Maybe the point is that you are saving the PUBLIC profile log. Try the following: http://technet.microsoft.com/en-us/library/cc753781%28WS.10%29.aspx And tell me if you can see something in there. Also take a look here: http://technet.microsoft.com/en-us/library/cc754451%28WS.10%29.aspx Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
king232000 Posted June 23, 2011 Author Posted June 23, 2011 hello and thank you for your post i tried all steps without any changes :s any other idea ? are there any software doing this ? (log all traffic connexions IP:PORTS ... etc) thanks Quote
ICTCity Posted June 26, 2011 Posted June 26, 2011 Actually you must be able to log something, from what I know there's any program which can do that. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
Recommended Posts