Re: Logging exclusions by MikeV06
MikeV06
Tue Dec 13 08:57:01 CST 2005
On Mon, 12 Dec 2005 23:04:52 GMT, Jeff Cochran wrote:
> On 12 Dec 2005 07:50:01 -0600, MikeV06 <me@privacy.net> wrote:
>
>>I have ip ranges set up for web sites and ftp. Whenever one is activated in
>>ftp it logs it in the event window under the FTP service name. However, I
>>can find no reference in any logs for HTTP rejections. I can see the
>>packets coming in at my router, but cannot find any logging of access or
>>rejection in any of the server logs. Where and what do I need to do to log
>>rejects?
>
> If it gets to IIS it gets logged. If not, it doesn't. If you exclude
> IP ranges, IIS never sees the request to log it. I think you may be
> able to audit these in the security event log.
>
> Jeff
That was my thought. My deny for ftp are in the event log. The deny packets
for http never show up in any log even though I see them in the router log.
I have checked my security policy and all looks OK. How the heck does one
find out why no log entries are being set?