Re: [newbie] Portsentry reporting
On Tuesday 02 January 2001 00:55, you wrote: > On Sun, 31 Dec 2000, Dennis Myers wrote: > > Should be in /var/log/messages You can also take a look at /etc/portsentry.history to see what ended up being blocked. > >Hi again everyone, this has been puzzling me for a while. I have > > portsentry installed and configured on two machines (in conjunction > > with pmfirewall) and have not been able to determine where to look > > for reports on possible attacks or unauthorized access attempts. > > Where should I look for this information? Does portsentry send e-mail > > to root? Thanks for any info available. -- Alex (Go easy on me, I'm a COBOL programmer in real life)
RE: [newbie] Portsentry reporting
In the standard configuration it sends all reports to /var/log/messages. Unless you changed the logging facility which it uses during the configuration all your portsentry reports should be listed there. I understand that there is a way to redirect it's reports but I have been unable to get it working. Some of the more experienced users might be able to help with that one. I would actually be very interested to find out how to change it's logging properties. Portsentry dumps too much clutter into the messages file for me to look past when I'm reviewing my weekly logs. Regards - Ben --Original Message-- From: Dennis Myers <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Sent: January 1, 2001 4:42:29 AM GMT Subject: [newbie] Portsentry reporting Hi again everyone, this has been puzzling me for a while. I have portsentry installed and configured on two machines (in conjunction with pmfirewall) and have not been able to determine where to look for reports on possible attacks or unauthorized access attempts. Where should I look for this information? Does portsentry send e-mail to root? Thanks for any info available. -- Dennis M. Registered Linux user #180842 __ FREE Personalized Email at Mail.com Sign up at http://www.mail.com/?sr=signup
Re: [newbie] Portsentry reporting
On Sun, 31 Dec 2000, Dennis Myers wrote: Should be in /var/log/messages >Hi again everyone, this has been puzzling me for a while. I have portsentry >installed and configured on two machines (in conjunction with pmfirewall) and >have not been able to determine where to look for reports on possible attacks >or unauthorized access attempts. Where should I look for this information? >Does portsentry send e-mail to root? Thanks for any info available. > -- Q: How many Klingons does it take to change a lightbulb? A: None. Klingons are not afraid of the dark. http://nlpagan.net - ICQ 147208 - Registered Linux User 174403 Linux Mandrake 7.2 - Pine 4.31
[newbie] Portsentry reporting
Hi again everyone, this has been puzzling me for a while. I have portsentry installed and configured on two machines (in conjunction with pmfirewall) and have not been able to determine where to look for reports on possible attacks or unauthorized access attempts. Where should I look for this information? Does portsentry send e-mail to root? Thanks for any info available. -- Dennis M. Registered Linux user #180842