Originally Posted by jjmac
So ... the logwatch facility has been extracting that info and presenting it via the local mail facility.
Code:
logwatch extract ...
Dropped 72 packets on interface ppp0
From 24.207.157.140 - 2 packets
To 203.58.186.120 - 2 packets
Service: 15118 (tcp/15118) (FW_LASTDROP:,ppp0,none) - 2 packets
From 61.155.9.171 - 1 packet
To 203.58.186.120 - 1 packet
Service: ssh (tcp/22) (FW_LASTDROP:,ppp0,none) - 1 packet
From 64.62.190.36 - 36 packets
To 203.58.186.120 - 36 packets
Service: telnet (tcp/23) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: www (tcp/80) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: socks (tcp/1080) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: 3128 (tcp/3128) (FW_LASTDROP:,ppp0,none) - 4 packets
Service: 6588 (tcp/6588) (FW_LASTDROP:,ppp0,none) - 4 packets
Service: webcache (tcp/8080) (FW_LASTDROP:,ppp0,none) - 4 packets
From 83.245.15.238 - 3 packets
etc
As you can see I label my DROP target as "FW_LASTDROP".
I'll have to look into my "snort" setup and possibly configure some alert for those.
jm
I have snort installed, and it sends output to mail, not very interesting output though...
Upon seeing your output for logwatch, I installed it, but I don't get output mailed on the ppp0, or even eth0 stuff - how did you get logwatch to get you the output above?
I'd like to have a monitoring program working, like what your output shows above, but I guess I need to create the filters / services code to get what you are getting (I guess)?
Ms. Cuddles
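Added example (not part of the thread and not written by either poster): a small Python parser for the logwatch firewall summary quoted above, listing sources whose dropped packets span several ports, as the 64.62.190.36 entry does. The function names and the three-port threshold are assumptions chosen for illustration; the sample text is the excerpt from the quoted post, cut at its "etc".

```python
import re
from collections import defaultdict

# Sample input: the logwatch excerpt quoted in the post (truncated where it says "etc").
SAMPLE = """\
Dropped 72 packets on interface ppp0
From 24.207.157.140 - 2 packets
To 203.58.186.120 - 2 packets
Service: 15118 (tcp/15118) (FW_LASTDROP:,ppp0,none) - 2 packets
From 61.155.9.171 - 1 packet
To 203.58.186.120 - 1 packet
Service: ssh (tcp/22) (FW_LASTDROP:,ppp0,none) - 1 packet
From 64.62.190.36 - 36 packets
To 203.58.186.120 - 36 packets
Service: telnet (tcp/23) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: www (tcp/80) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: socks (tcp/1080) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: 3128 (tcp/3128) (FW_LASTDROP:,ppp0,none) - 4 packets
Service: 6588 (tcp/6588) (FW_LASTDROP:,ppp0,none) - 4 packets
Service: webcache (tcp/8080) (FW_LASTDROP:,ppp0,none) - 4 packets
"""

FROM_RE = re.compile(r"^\s*From (\S+) - (\d+) packets?")
SVC_RE = re.compile(r"^\s*Service: \S+ \((\w+)/(\d+)\) \(([^)]*)\) - (\d+) packets?")

def parse_summary(text):
    """Return {source_ip: {(proto, port): packets}} from a logwatch firewall summary."""
    drops, src = defaultdict(dict), None
    for line in text.splitlines():
        m = FROM_RE.match(line)
        if m:
            src = m.group(1)  # following Service lines belong to this source
            continue
        m = SVC_RE.match(line)
        if m and src is not None:  # ignore Service lines with no preceding From
            key = (m.group(1), int(m.group(2)))
            drops[src][key] = drops[src].get(key, 0) + int(m.group(4))
    return dict(drops)

def multi_port_sources(drops, min_ports=3):
    """Sources whose dropped packets span at least min_ports distinct ports."""
    hits = [(ip, sorted(p for _, p in svc), sum(svc.values()))
            for ip, svc in drops.items() if len(svc) >= min_ports]
    return sorted(hits, key=lambda h: -h[2])  # busiest source first

if __name__ == "__main__":
    for ip, ports, total in multi_port_sources(parse_summary(SAMPLE)):
        print(f"{ip}: {total} dropped packets across ports {ports}")
```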
-
Right now, firestarter isn't wanting to work for me...