Package: scanlogd
Version: 2.2.5-3.2
Severity: important

Scanlogd fails to pick up a scan. Here it has been tested on two public IPs:

computer 1: where it is running scanlogd and tcpdump

computer 2: where nmap ran "nmap  -PS22-28 [ip of computer 1]"


When running nmap from machine 2, tcpdump shows the scanning of ports from 22 to 28, though scanlogd never reports anything to syslog.

using syslog-ng -- all traffic, no filter,
sourcing -> system() and internal() which should pick up all default logging facilities

The only thing that gets logged during this session is tcpdump messages of an interface (basic messages with promiscuous mode going on and off).

I'd really like to have this package working as I don't think there are any other alternatives I can find that can provide the very feature I'm looking for (pads and psad do something else).

It is also difficult to find this package with apt-cache search; perhaps there can be additional keywords in its description, e.g. nids and network.

thanks

