Date: Sun, 24 Oct 1999 19:59:06 -0400
From: Mike Tancsa <mike@sentex.net>
To: "Mr Magoo" <mrmagoo@shotblast.com>, <security@FreeBSD.ORG>
Subject: RE: kernel patch to detect port scan, without turning on ports...
Message-ID: <4.1.19991024195648.04634e00@granite.sentex.ca>
In-Reply-To: <NDBBIDLEKDLILPNDNAEJIEKLCAAA.mrmagoo@shotblast.com>
References: <199910240556.PAA55113@atdot.dotat.org>

At 07:48 PM 10/24/99 , Mr Magoo wrote:
>How would you go about making these messages go into a syslogd file? I've
>never really understood how to put things into a log file with it.
> BTW- can you do that same thing for ICMP's?

Add the line

    kern.* <at least 1 tab> /var/log/kern

to /etc/syslog.conf
(then kill -1 `cat /var/run/syslog.pid` to signal syslogd to reread its
config file)

To log all icmp traffic, one way to do it is via ipfw

e.g.

    ipfw add 500 allow log icmp from any to any

or

    ipfw add 500 allow log icmp from any to any icmptype 0,8

for just pings. It too will get logged via syslog to kern.

        ---Mike
**********************************************************************
Mike Tancsa, Network Admin        *  mike@sentex.net
Sentex Communications Corp,       *  http://www.sentex.net/mike
Cambridge, Ontario                *  01.519.651.3400
Canada                            *

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
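
Added example, not part of the original message: once the ipfw log rule and the kern.* syslog line above are in place, a shell function like the following can tally ICMP echo requests per source address from /var/log/kern. The log line layout shown in the comment is an assumption about what ipfw writes; the function names, the host name, the interface and the sample lines are constructed.

```shell
#!/bin/sh
# Added example, not from the original message.
# Assumption: an ipfw "log" rule produces kernel lines shaped like
#   <date> <host> /kernel: ipfw: 500 Accept ICMP:8.0 <src> <dst> in via <if>

# icmp_echo_sources LOGFILE [MIN]
# Print "count source" for every address that sent at least MIN ICMP
# echo requests (type 8), busiest first.
icmp_echo_sources() {
    awk -v min="${2:-1}" '
        {
            # Find the "ipfw:" tag so the syslog prefix length does not matter.
            for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
            if (i > NF) next                   # not an ipfw log line
            if ($(i + 3) !~ /^ICMP:8\./) next  # keep echo requests only
            count[$(i + 4)]++
        }
        END { for (s in count) if (count[s] >= min) print count[s], s }
    ' "$1" | sort -rn
}

# Constructed sample log (documentation addresses, made-up host and interface).
sample_kern_log() {
    cat <<'EOF'
Oct 24 20:01:02 host1 /kernel: ipfw: 500 Accept ICMP:8.0 192.0.2.10 198.51.100.1 in via fxp0
Oct 24 20:01:02 host1 /kernel: ipfw: 500 Accept ICMP:0.0 198.51.100.1 192.0.2.10 out via fxp0
Oct 24 20:01:03 host1 /kernel: ipfw: 500 Accept ICMP:8.0 192.0.2.10 198.51.100.1 in via fxp0
Oct 24 20:01:04 host1 /kernel: ipfw: 500 Accept ICMP:8.0 192.0.2.10 198.51.100.1 in via fxp0
Oct 24 20:01:05 host1 /kernel: ipfw: 500 Accept ICMP:8.0 203.0.113.7 198.51.100.1 in via fxp0
Oct 24 20:01:06 host1 /kernel: ipfw: 500 Accept ICMP:3.3 203.0.113.7 198.51.100.1 in via fxp0
Oct 24 20:01:07 host1 /kernel: fxp0: link state changed
EOF
}

tmp=$(mktemp) && sample_kern_log > "$tmp"
icmp_echo_sources "$tmp"      # every source of echo requests
icmp_echo_sources "$tmp" 3    # only sources with 3 or more
rm -f "$tmp"
```

On a live system the first argument would be /var/log/kern, the file named in the syslog.conf line above.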