I would additionally like to send the logs over Syslog-ng to a log
server.
I stronly recommend not to do this. We had a ccc (chaos computer club)
meeting while someone brought the logfile from his mailserver to
meetings.
By seeing the logfile without error messages it was quite easy to
ha
Hi Andreas, hello [EMAIL PROTECTED],
> I'm at a company and would like to set up a Debian router/firewall.
yeah, that's what I'am also planning at the moment.
A firewall issue won't be my problem but I didn't install debian for
seven years as I updated the distribution from the net. Hope the
net
Jonathan Wilson <[EMAIL PROTECTED]> wrote:
>>Its much better to monitor a counter in order to detect DOS attacks
>>or configuration errors and if there's concern about intrusion set up a
>>couple rules to trigger the alarm when its counter is activated
>>(outgoing connections, connection search for
>> My problem is what tool to use to evaluate the logs for attacks
>> (e.g. portscans) and notify me by mail?
>I know you probably wouldn't want to hear the question, but I'll put it
>to you: What for?
>Its much better to monitor a counter in order to detect DOS attacks
>or configuration errors
> My problem is what tool to use to evaluate the logs for attacks
> (e.g. portscans) and notify me by mail?
I know you probably wouldn't want to hear the question, but I'll put it
to you: What for?
I would utilize the logs for the goal of archival. Particular blocked attacks
or portscans occur
Hi,
I use fwlogwatch.
Greetings,
Holger
Am Sonntag, 23. April 2006 21:15 schrieb Bernd Eckenfels:
> Andreas <[EMAIL PROTECTED]> wrote:
> > Mein Problem mit welchem Tool werte ich die Logs auf Angriffe aus (z. b.
> > Portscans) und maile Sie mir zu.
>
> Ich weiss, die Frage wolltest du nicht höre
Andreas <[EMAIL PROTECTED]> wrote:
> Mein Problem mit welchem Tool werte ich die Logs auf Angriffe aus (z. b.
> Portscans) und maile Sie mir zu.
Ich weiss, die Frage wolltest du nicht hören, aber ich stelle sie doch mal:
wozu?
Ich wuerde die Logs zu Archivzwecken vorhalten. Einzelne geblockte An
Hello,
I'm at a company and would like to set up a Debian router/firewall.
Debian is minimally installed and I've chosed Shorewall as the firewall.
I would additionally like to send the logs over Syslog-ng to a log
server.
My problem is what tool do I use to evaluate the logs for attacks and
Hallo,
möchte in einer Firma einen Debian-Router mit Firewall aufbauen.
Debian wird minimal installiert und als Firewall habe ich Shorewall gewählt.
Meine Logs möchte ich über Syslog-ng zusätzlich an einen Logserver schicken.
Mein Problem mit welchem Tool werte ich die Logs auf Angriffe aus (z.
9 matches
Mail list logo