Package: psad
Version: psad (1.4.1-1)
Severity: important
Its listed in the psad.conf file as a valid option...
### Set the type of syslog daemon that is used. The SYSLOG_DAEMON
### variable accepts three possible values: syslogd, syslog-ng, or
### metalog.
SYSLOG_DAEMON syslogd;
I installed "metalog" which removed "klogd sysklogd" and "psad". After
looking at "metalog" for a bit I decided I liked the feature in "psad"
so I wanted to reinstall it...
-start-cmd-
# apt-get install psad
Reading Package Lists... Done
Building Dependency Tree... Done
The following extra packages will be installed:
klogd sysklogd
Recommended packages:
bastille
The following packages will be REMOVED:
logcheck metalog snort-common snort-mysql snort-rules-default
The following NEW packages will be installed:
klogd psad sysklogd
0 upgraded, 3 newly installed, 5 to remove and 1 not upgraded.
Need to get 94.9kB/327kB of archives.
After unpacking 1155kB disk space will be freed.
Do you want to continue? [Y/n] n
Abort.
-end-cmd-
Interesting that the above packages were going to be removed. I didn't
expect that. Why did installing psad want to remove snort-common
snort-mysql snort-rules-default? So instead I just did the following...
-start-cmd-
# apt-get install klogd sysklogd
Reading Package Lists... Done
Building Dependency Tree... Done
The following packages will be REMOVED:
metalog
The following NEW packages will be installed:
klogd sysklogd
0 upgraded, 2 newly installed, 1 to remove and 1 not upgraded.
Need to get 94.9kB of archives.
After unpacking 209kB of additional disk space will be used.
Do you want to continue? [Y/n] y
-end-cmd-
Verson of sysklogd running now...
ii klogd 1.4.1-16 Kernel Logging Daemon
ii sysklogd 1.4.1-16 System Logging Daemon
I would like to use metalog since it can do some regex matching and
execute scripts...
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.9-1-686-smp
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages psad depends on:
ii ipchains 1.3.10-15 Network firewalling for Linux 2.2.
ii iptables 1.2.11-10 Linux kernel 2.4+ iptables adminis
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libcarp-clan-perl 5.3-3 Perl enhancement to Carp error log
ii libdate-calc-perl 5.4-3 Perl library for accessing dates
ii libnetwork-ipv4addr-perl 0.10-1.1 The Net::IPv4Addr perl module API
ii libunix-syslog-perl 0.100-4 Perl interface to the UNIX syslog(
ii perl 5.8.4-8 Larry Wall's Practical Extraction
ii psmisc 21.6-1 Utilities that use the proc filesy
pn syslogd | syslog-ng Not found.
ii whois 4.7.2 the GNU whois client
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
