Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Logging port scans
- To: tlug@example.com
- Subject: Re: Logging port scans
- From: Austin Kurahone <austin@example.com>
- Date: Thu, 7 Dec 2000 16:01:07 +0900
- Content-Disposition: inline
- Content-Type: multipart/signed; micalg=pgp-md5;protocol="application/pgp-signature"; boundary="6c2NcOVqGQ03X4Wi"
- In-Reply-To: <3A2F1F64.C789E56E@example.com>; from sajjad@example.com on Thu, Dec 07, 2000 at 02:25:56PM +0900
- References: <3A2F1F64.C789E56E@example.com>
- Reply-To: tlug@example.com
- Resent-From: tlug@example.com
- Resent-Message-ID: <orw7e.A.MmE.CYzL6@example.com>
- Resent-Sender: tlug-request@example.com
- User-Agent: Mutt/1.2.5i
On Thu, Dec 07, 2000 at 02:25:56PM +0900, A.Sajjad Zaidi wrote: > Ive been searching for a good port scan logger for a while now, but > havent had much luck. > > I tried 'scanlogd', but that didnt work at all. I also struggled with > 'portsentry' from Psionic, but firstly, it took up about 70% cpu and > then the logging wasnt what i wanted. Portsentry + Perl. Edit syslog.conf to log to a seperate file, and a bit of perl voodoo to parse and do summaries. (Cron it to run once a month). I've had generaly good luck with it, and the code seems to be farily good, which is essential for such things... -- Austin K. Kurahone Tokyo Linux Users Group / SIGUSR1 R&D Hail Eris! All Hail Discordia! "Never frighten a small man. He'll kill you." --Lazarus Long
- Follow-Ups:
- Re: Logging port scans
- From: "A.Sajjad Zaidi" <sajjad@example.com>
- Re: Logging port scans
- References:
- Logging port scans
- From: "A.Sajjad Zaidi" <sajjad@example.com>
- Logging port scans
- Prev by Date: Re: DSL in Tokyo (again)
- Next by Date: Re: who's coming? (was Re: [announcement] 12/15 "bonenkai" @example.com TokyoEkiMae)
- Prev by thread: Logging port scans
- Next by thread: Re: Logging port scans
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |