Date: Tue, 19 Sep 2000 07:42:54 -0500 From: "Hudson, Henrik H." <hhudson@eschelon.com> To: "'security@freebsd.org'" <security@freebsd.org> Subject: IPFW Log Auditing? Message-ID: <C1781C38F13DA040848FEFAD07311B101B64D9@walleye.corp.fishnet.com>
next in thread | raw e-mail | index | archive | help
Morning List- I have been trying to find something will do log auditing/scanning of already existing IPFW logs? Does such a tool exist? There is IPLOG, but doesn't that generate it's own logs and scan those? or snort, but that's almost like IPLOG, right? Of course, I could be reading the FAQ's backwards too. While on this subject, if I have to use something like IPLOG/snort, does this still capture info about packets that IPFW has denied? What's the performance decrease on a machine that is running IPFW rules and iplog? anything noticable besides increased disk space needs? Any other thoughts I should be having? Thanks for your time. Henrik hhudson@eschelon.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C1781C38F13DA040848FEFAD07311B101B64D9>