Date: Wed, 3 Mar 2004 18:23:01 +0300 From: Andrew Riabtsev <resident@b-o.ru> To: FreeBSD Security List <freebsd-security@freebsd.org> Subject: Re: How to monitoring activity on a card? Message-ID: <17922425976.20040303182301@b-o.ru> In-Reply-To: <20040303094647.J93367@zoraida.natserv.net> References: <20040303094647.J93367@zoraida.natserv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Привет Francisco, Wednesday, March 3, 2004, 12:51:15 PM, you wrote: FR> My setup 4.9 stable with IPFW. Machine acts as gateway for two machines. FR> What are my options on monitoring activity on my external card? FR> This morning I noticed my DSL modem activity light is blinking non-stop. FR> Looking at /var/log/ don't see anything suspicious. FR> I feel tempted to add "log" to all my ipfw pass rules, but wonder if there FR> isn't a better way. FR> I am mostly concerned there is either some kind of attack going on or FR> somehow the machine was hacked and it's running something it's not FR> supposed to. You also may try sniffit - shows current tcp/udp streams in curses windows. Easy to undestend from where to start searching. -- С наилучшими пожеланиями, Andrew mailto:resident@b-o.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17922425976.20040303182301>