On Thu, Mar 22, 2001 at 08:31:53AM -0600, Brooks R. Robinson wrote: > You may also want to try iplogger. Not only will this show ALL the ports in > use, not just the ones you select in portsentry. Also, portsentry actually > listens on those ports it is monitoring, so if you nmap yourself for > security leaks, you'll see a plethora of ports open, don't freak.
IIRC iplogger was obsoleted by ippl. There were some issues with remote DoS attacks against hosts running iplogger. Ippl took care of those and provides a more flexible logging mechanism. Ippl is one of the very first packages I install on any Debian box in my control. Once you've configured it right (i.e. told it not to log normal traffic like smtp connections) the output can be very interesting. I could be mistaken, and confusing iplogger with some other package, but I don't think so. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
pgpus6gAUqoGH.pgp
Description: PGP signature
