Is there a way to count total firewall hits?

Is there a way to count total firewall hits - both allowed and blocked?
Thanks

Evening “dustoff”

My name is Jacob Kilgore,
I’m one of the Moderators here at Comodo Forums
I would like to try to solve your Question Quick As Possible

Haha

You sure you want this?

Open Up CIS
Firewall > Advanced > Predefined Firewall Policies > Select “Any of the items on the list until you went through all of them” > Edit > Tick “Log as a firewall event if this rule is fired” > Apply > Next Prefefined Policy Until you get all of them > Apply (You must click apply or all your editing will be discarded)

Stay in the Advance Section > Network Security Policy > Edit Every Single Custom One By Ticking “Log as firewall event if this rule is fired” > Apply (Make Sure You Click Apply & Not Exit/Close

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

In my opinion, he wants to check any suspicious bypassing attacks or connections.
Sometimes I do that. lol

I have been running my own apache for win web server for approx. 7 months. My traffic is increasing - both good and bad traffic. I would like to know how many hits the firewall is getting. I know how to “block and log” and “allow and log”. What I would like is to see a daily tally of hits. I there a way to set up a log for this? I see the “log as a firewall event” - but where does this get logged?
Thanks for the quick responses.

Thank You For Your Quick Reply “dustoff”

If you open up CIS > Firewall > View Firewall Events
This is where you can see what has been logged
If you Click More then it goes into a better view which you can see “Today/This Week/This Month/All The Times”

Does This Help?

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

You are faster than a speeding bullet - THANKS
I do know how to view that info. I believe what I am looking for is a way to log grouped hits (allow/deny) as opposed to individual hits. Does Comodo offer this?
P.S. I have been nothing but happy with Comodo products. They are great!
Thanks

I believe that is impossible,

Open Up CIS > Firewall > View Firewall Events > More > Filter > Firewall Logs
“Action” to see weather it has been blocked or not etc
If you mean this well there you go :slight_smile:

Maybe make a wish in the Firewall Wishlist if it’s not what you are looking for
here: https://forums.comodo.com/firewall_wishlist-b147.0/

Im glad that you are happy :slight_smile:

  • Jacob Kilgore

Are you using Apache ? So, you are using Mysql with apache right?
I strongly recommend you use following tools.

Snort win32 - http://www.snort.org/
Honeynet Security Console - http://www.activeworx.org/
(WinPcap, .NET Framework should be installed before you use above tools)

It gives you everthing you want know even statistics about your server traffic.
You should use both of them(snort, honeynet security console),
because these two tools can be connected each other.
Sure~~ it’s free tools.

Snort can analyze protocols, buffer over flow attacks, port scanning, CIG attacks,
SMB scanning, recognition OS information attack etc.
Also Snort’s detection rules are easy to edit almost whatever you want.

Honeynet Security Console is a real time monitoring tool for IDS, firewall log,
syslog, TCPDump etc.(just same as EMS system).
It can be connected with Snort IDS, multiple Statistics, Packet Analize, nslookup,
whois, ping etc. Also it has network utility support function, detail analyze
for occured events.
Actually it’s better than ACID, honeynet security console has better user interface.

Have a nice day.