-
Senior Member
registered user
Originally Posted by
jjmac
So ... the logwatch facility has been extracting that info and presenting it via the local mail facility.
Code:
logwatch extract ...
Dropped 72 packets on interface ppp0
From 24.207.157.140 - 2 packets
To 203.58.186.120 - 2 packets
Service: 15118 (tcp/15118) (FW_LASTDROP:,ppp0,none) - 2 packets
From 61.155.9.171 - 1 packet
To 203.58.186.120 - 1 packet
Service: ssh (tcp/22) (FW_LASTDROP:,ppp0,none) - 1 packet
From 64.62.190.36 - 36 packets
To 203.58.186.120 - 36 packets
Service: telnet (tcp/23) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: www (tcp/80) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: socks (tcp/1080) (FW_LASTDROP:,ppp0,none) - 8 packets
Service: 3128 (tcp/3128) (FW_LASTDROP:,ppp0,none) - 4 packets
Service: 6588 (tcp/6588) (FW_LASTDROP:,ppp0,none) - 4 packets
Service: webcache (tcp/8080) (FW_LASTDROP:,ppp0,none) - 4 packets
From 83.245.15.238 - 3 packets
etc
As you can see I label my DROP target as "FW_LASTDROP".
I'll have to look into my "snort" setup and possibly configure some alert for those.
jm
I have snort installed, and it sends output to mail, not very interesting output though...
Upon seeing your output for logwatch, I installed it, but I don't get output mailed on the ppp0, or even eth0 stuff - how did you get logwatch to get you the output above?
I'd like to have a monitoring program working, like what your output shows above, but I guess I need to create the filters / services code to get what you are getting (I guess)?
Ms. Cuddles
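An added example, not code from either poster and not logwatch's own: a small Python summarizer that groups dropped-packet kernel log lines by interface, source and service, the way the quoted extract is grouped. It assumes the drops are logged by an iptables LOG rule using the prefix "FW_LASTDROP:" (inferred from the label in the quoted output); the hostname, addresses and log lines are constructed.

```python
import re
from collections import Counter, defaultdict

# Constructed, abbreviated lines in the netfilter LOG format (documentation addresses).
SAMPLE_LOG = """\
Jun 12 10:01:02 gw kernel: FW_LASTDROP:IN=ppp0 OUT= MAC= SRC=198.51.100.7 DST=192.0.2.10 LEN=48 TTL=110 PROTO=TCP SPT=4321 DPT=23 SYN
Jun 12 10:01:05 gw kernel: FW_LASTDROP:IN=ppp0 OUT= MAC= SRC=198.51.100.7 DST=192.0.2.10 LEN=48 TTL=110 PROTO=TCP SPT=4321 DPT=23 SYN
Jun 12 10:01:09 gw kernel: FW_LASTDROP:IN=ppp0 OUT= MAC= SRC=198.51.100.7 DST=192.0.2.10 LEN=48 TTL=110 PROTO=TCP SPT=4400 DPT=1080 SYN
Jun 12 10:02:11 gw kernel: FW_LASTDROP:IN=ppp0 OUT= MAC= SRC=203.0.113.9 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=50022 DPT=22 SYN
Jun 12 10:02:40 gw kernel: FW_LASTDROP:IN=ppp0 OUT= MAC= SRC=203.0.113.9 DST=192.0.2.10 LEN=84 TTL=52 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Jun 12 10:03:00 gw kernel: FW_ACCEPT:IN=eth0 OUT= MAC= SRC=192.0.2.50 DST=192.0.2.10 LEN=60 TTL=64 PROTO=TCP SPT=40000 DPT=22 SYN
"""

def parse_drops(text, prefix="FW_LASTDROP:"):
    """Yield (in_iface, src, dst, proto, dport) for lines carrying the given log prefix."""
    pat = re.compile(
        r"kernel: (?:\[[^\]]*\] ?)?" + re.escape(prefix) +   # optional [uptime] stamp, then prefix
        r"\s*IN=(\S*) OUT=(\S*) .*?SRC=(\S+) DST=(\S+) .*?"
        r"PROTO=(\S+)(?: SPT=\d+ DPT=(\d+))?"                # ICMP has no ports, so DPT is optional
    )
    for line in text.splitlines():
        m = pat.search(line)
        if m:  # lines with another prefix (e.g. the FW_ACCEPT sample) are skipped
            inif, _outif, src, dst, proto, dpt = m.groups()
            yield inif, src, dst, proto.lower(), dpt

def summarize(text, prefix="FW_LASTDROP:"):
    """Return (packets per interface, per-(interface, source) Counter of services)."""
    per_iface, per_src = Counter(), defaultdict(Counter)
    for inif, src, _dst, proto, dpt in parse_drops(text, prefix):
        per_iface[inif] += 1
        per_src[(inif, src)][f"{proto}/{dpt}" if dpt else proto] += 1
    return per_iface, per_src

def report(text, prefix="FW_LASTDROP:"):
    """Render the summary in a layout similar to the quoted extract."""
    per_iface, per_src = summarize(text, prefix)
    out = []
    for iface, total in sorted(per_iface.items()):
        out.append(f"Dropped {total} packets on interface {iface}")
        for (i, src), services in sorted(per_src.items()):
            if i == iface:
                out.append(f"  From {src} - {sum(services.values())} packets")
                out += [f"    Service: {s} - {n} packets" for s, n in sorted(services.items())]
    return "\n".join(out)

if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```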
-
Senior Member
registered user
Right now, firestarter isn't wanting to work for me...