Researchers at the Univeristy of Texas at Dallas have developed a method for analyzing the activity log files of corporate firewalls. Their analysis can determine what rules the firewall is actually applying to incoming and outgoing network traffic and then compare these with the original rules to spot errors and omissions. Attackers are exploiting a high-severity vulnerability in Cisco s network security software products, which is used by Fortune 500 companies. Read the full article at the University of Texas University of Dallas.
Source: https://threatpost.com/mining-firewall-traffic-better-net-security-042010/73855/