Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Logging port scans




Thanks, but still doesnt explain why its taking up 70% cpu and causing syslogd
to take up 20%(./portsentry -tcp).

Also when I try to ping it from different places, its logged as the same
incident. If the output was a bit more consistent, using perl to get a summary
wouldnt be a problem at all.

A.Sajjad


Austin Kurahone wrote:

> Portsentry + Perl.  Edit syslog.conf to log to a seperate file, and a bit of
> perl voodoo to parse and do summaries. (Cron it to run once a month).
>
> I've had generaly good luck with it, and the code seems to be farily good,
> which is essential for such things...
>
> --
> Austin K. Kurahone
> Tokyo Linux Users Group / SIGUSR1 R&D
> Hail Eris! All Hail Discordia!
> "Never frighten a small man.  He'll kill you." --Lazarus Long
>
>   ------------------------------------------------------------------------
>    Part 1.2Type: application/pgp-signature


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links