[plug] log file checking
Jon Miller
jlmiller at mmtnetworks.com.au
Sun Feb 2 11:17:05 WST 2003
I use both logcheck and port sentry and just stroll though the portsentry.history log file looking for information. I can tell you it works quite well the log file is full of attempts.
J
Jon L. Miller, MCNE, CNS
Director/Sr Systems Consultant
MMT Networks Pty Ltd
http://www.mmtnetworks.com.au
"I don't know the key to success, but the key to failure
is trying to please everybody." -Bill Cosby
>>> craig at postnewspapers.com.au 1:38:21 PM 31/01/2003 >>>
> hi is there software available that can monitor my log files for
> suspicious activity's then notify me of any problems or attempts ?.i run
> sme server with an adsl connection to the net . what is good practice
> when checking logs? .how do other plugers check and maintain log files
If you're on debian,
apt-get install logcheck
it'll be really noisy at first but you can tweak your exclude rules
until its at the "noise" level you find OK and any annomalies will be
noticeable.
Craig
More information about the plug
mailing list