On Wed, 31 Jul 2002 11:31:37 +1000 Adam Niedzwiedzki wrote:
[snip]
> I'm running eiger static with a "bastardised" (if there is such a word)
> version of the extended scripts.
[snip]
> 1. Is there a package out there that can monitor the syslog (or denied
> rules) to maybe send an email out when certain types of packets get denied
> (hmm not at packet level more like if say there is activity on port 23 of a
> certain IP, that is being denied then send an email)

I could easily be wrong, but portsentry (psentry.lrp on google) *might* be
able to do what you want with the correct configuration options. It's been a
long time since I've played with it, and I don't remember for sure.

> 2. What do I need to change to have my firewall send all its syslog info
> to a syslog server?

A search for syslog.conf on google might turn up a few answers. If you do log
to a full *nix server, fwlogwatch[1] may be able to do what you want using the
"realtime response mode". I only use it in "log summary mode", so I'm not
positive. I can say it does a good job creating log summaries.

Sorry for the partial answers; hopefully the leads will turn you on to good
solutions.

--Brad

[1] http://www.kyb.uni-stuttgart.de/boris/software.shtml and
    http://cert.uni-stuttgart.de/projects/fwlogwatch/

[snip]
> Regards,
> Adam Niedzwiedzki
>
> c: genis-x
> a: level 1, 278-280 church street richmond, victoria, 3121, au, earth
> m: +614 0732 2719
> w: www.genis-x.com
> icq: 325910
>
> "Any sufficiently advanced bug is indistinguishable from a feature."

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
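Added example, not part of the original message or of any tool named in it: a small watcher for the first question, run on the log server, that counts denied packets aimed at one IP and port and builds a mail when a source crosses a threshold. The ipchains-style "Packet log:" line format, the addresses, the threshold and the function names are assumptions.

```python
import re
from collections import Counter
from email.message import EmailMessage

# Assumed ipchains-style kernel log line; the thread does not show the format.
DENY_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>DENY|REJECT) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) (?P<src>[\d.]+):(?P<sport>\d+) "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) "
)

# Constructed sample lines (documentation address ranges), not real logs.
SAMPLE = """\
Jul 31 11:20:01 fw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.5:40112 192.0.2.10:23 L=60 S=0x00 I=1 F=0x4000 T=52 SYN (#7)
Jul 31 11:20:04 fw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.5:40112 192.0.2.10:23 L=60 S=0x00 I=2 F=0x4000 T=52 SYN (#7)
Jul 31 11:21:10 fw kernel: Packet log: input DENY eth0 PROTO=6 198.51.100.7:3301 192.0.2.10:23 L=60 S=0x00 I=3 F=0x4000 T=49 SYN (#7)
Jul 31 11:21:30 fw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.5:40200 192.0.2.10:80 L=60 S=0x00 I=4 F=0x4000 T=52 SYN (#9)
Jul 31 11:22:02 fw kernel: Packet log: input DENY eth0 PROTO=6 198.51.100.7:3302 192.0.2.11:23 L=60 S=0x00 I=5 F=0x4000 T=49 SYN (#7)
Jul 31 11:22:40 fw kernel: Packet log: input ACCEPT eth0 PROTO=6 198.51.100.7:3303 192.0.2.10:23 L=60 S=0x00 I=6 F=0x4000 T=49 SYN (#2)
Jul 31 11:23:00 fw cron[211]: (root) CMD (run-parts /etc/cron.hourly)
""".splitlines()

def denied_hits(lines, watch_ip, watch_port):
    """Count denied packets per source address aimed at watch_ip:watch_port."""
    hits = Counter()
    for line in lines:
        m = DENY_RE.search(line)  # ACCEPT and non-firewall lines do not match
        if m and m["dst"] == watch_ip and int(m["dport"]) == watch_port:
            hits[m["src"]] += 1
    return hits

def build_alert(hits, watch_ip, watch_port, sender, rcpt, threshold=2):
    """Return an EmailMessage listing sources at or over threshold, else None."""
    noisy = {src: n for src, n in hits.items() if n >= threshold}
    if not noisy:
        return None
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, rcpt
    msg["Subject"] = f"Denied traffic to {watch_ip}:{watch_port}"
    msg.set_content("\n".join(f"{s}: {n} denied packets"
                              for s, n in sorted(noisy.items())))
    return msg

if __name__ == "__main__":
    hits = denied_hits(SAMPLE, "192.0.2.10", 23)
    alert = build_alert(hits, "192.0.2.10", 23,
                        "fw@example.org", "admin@example.org")
    print(alert)  # to mail it: smtplib.SMTP("localhost").send_message(alert)
```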
