Date:      Mon, 12 Feb 2001 07:49:39 -0800
From:      "David Daugherty" <davidd@datasphereweb.com>
To:        "DINKEY,GENE (HP-Loveland,ex1)" <gene_dinkey@hp.com>, <freebsd-questions@freebsd.org>
Subject:   RE: Logging IP address for all connections
Message-ID:  <APEALNGGKOFFDGPFLIHAOEAOCAAA.davidd@datasphereweb.com>
In-Reply-To: <F341E03C8ED6D311805E00902761278C531578@xfc04.fc.hp.com>

Take a look at portsentry. /usr/ports/security/portsentry
http://www.psionic.com/abacus/portsentry

---
|> /\ \/ @
davidd@datasphereweb.com
DataSphere - Back end web programming, site security, and networking

david.daugherty@netmanage.com
Software Engineer
NetManage - The Bridge to E-Business

http://www.wcug.wwu.edu/~doc
ICQ: 21106703

"I like the dreams of the future better than the history of the past"
          - Thomas Jefferson

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of DINKEY,GENE
> (HP-Loveland,ex1)
> Sent: Monday, February 12, 2001 7:41 AM
> To: 'freebsd-questions@freebsd.org'
> Subject: Logging IP address for all connections
> 
> 
> I'm running FreeBSD 3.4-RELEASE and have recently been under attack by what
> appears to be a bored script kiddie.  The attacks have come from several
> different locations (for some reason they keep trying to log on via anon
> FTP).  I've been port scanned twice in a week (unfortunately all I get in
> messages is the ICMP bandwidth limit messages).
> 
> I would like to be able to log the ip address and port number of every ip
> address that connects to the machine from my external interface.  If
> possible I would like to also be able to log that to a separate file instead
> of to messages to prevent clutter.
> 
> I've searched the archives and looked at ipfw(8), syslogd(8), and
> syslog.conf(5).  It's all very confusing and a little help understanding
> what I need to do would be appreciated.
> 
> The system has 2 NICs and runs natd, it's a gateway for my cable modem.  I
> only need to log on the NIC that's exposed to the world.
> 
> Thank you in advance
> 
> Gene Dinkey
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 

