On Wed, 25 Jul 2012, Sthu Deus wrote:
> Good time of the day.
Heh.
> ) I found a solution, requiring setting
>
> KLOGD="-k /boot/System.map-$(uname -r) -c4"
>
> in
>
> /etc/init.d/klogd
>
> file. Unfortunately, wheezy (that I have the problem on) does not have
FORTUNATELY, wheezy deprecates
On 10/01/2008 03:05 AM, Adam Hardy wrote:
Out of interest, will dmesg -n X survive a reboot? Or is there another
config option for this?
No, it wouldn't survive a reboot. You can place the command in
/etc/init.d/rc.local.
You can also modify /etc/sysctl.conf. "Kernel.printk" is the value
On Wed, Oct 01, 2008 at 09:05:57AM +0100, Adam Hardy wrote:
> Out of interest, will dmesg -n X survive a reboot? Or is there another
> config option for this?
dmesg without parameters shows the currecnt content of the kernel
messages buffer. This buffer has limited size and does not survive
rebo
Mumia W.. on 30/09/08 07:54, wrote:
On 09/29/2008 02:03 PM, Marcin KÅ‚apkowski wrote:
I set iptables rule for logging.
# iptables -I INPUT -m limit --limit 15/minute -j LOG --log-level 4
--log-prefix "firewall: "
It's logging in warning level. And my logs goes to kern.log file. It's
for now, bu
On 09/29/2008 02:03 PM, Marcin KÅ‚apkowski wrote:
I set iptables rule for logging.
# iptables -I INPUT -m limit --limit 15/minute -j LOG --log-level 4
--log-prefix "firewall: "
It's logging in warning level. And my logs goes to kern.log file. It's
for now, but more over, this logs are flooded in
On Sat, Jun 24, 2006 at 01:51:38PM +0200, Erik Persson wrote:
> [EMAIL PROTECTED]:~# cat /proc/sys/kernel/printk
> 3 4 1 7
Cool, I didn't realize this file existed in the /proc filesystem.
Time to review the documentation... ;-)
> man proc reveals that the 1 is the lowest value
Derek Martin wrote:
On Sat, Jun 24, 2006 at 12:58:42AM +0200, Erik Persson wrote:
I tried with klogd -c 0 but the messages just kept on coming. It seems
that the minimal allowed log level for kernel messages was set to 4 on
the router and klogd -c 0 thus didn't change the kernel log level as I
Erik Persson([EMAIL PROTECTED]) is reported to have said:
> Wayne Topa wrote:
>
> I tried with klogd -c 0 but the messages just kept on coming. It seems
> that the minimal allowed log level for kernel messages was set to 4 on
> the router and klogd -c 0 thus didn't change the kernel log level as
On Sat, Jun 24, 2006 at 12:58:42AM +0200, Erik Persson wrote:
> I tried with klogd -c 0 but the messages just kept on coming. It seems
> that the minimal allowed log level for kernel messages was set to 4 on
> the router and klogd -c 0 thus didn't change the kernel log level as I
> thought. This
Wayne Topa wrote:
Erik Persson([EMAIL PROTECTED]) is reported to have said:
Hey!
I'm running a debian sarge as a router for a network, and I'm using
iptables. I need to log certain stuff from iptables, and I thus have
rules like:
${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit
I think you have to set the log level to DEBUG,
so you can see it on '/var/log/syslog'
${PROG} ... ... -j LOG --log-level DEBUG --log-prefix "Blaster portscan "
--
Henrique G. Abreu
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Conta
Cameron Hutchison wrote:
Erik Persson wrote:
I'm running a debian sarge as a router for a network, and I'm using
iptables. I need to log certain stuff from iptables, and I thus have
rules like:
${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit
--limit 1/s -j LOG --log-prefix "Bl
On Fri, Jun 23, 2006 at 14:42:24 +1000, Cameron Hutchison wrote:
> Erik Persson wrote:
>
> >I'm running a debian sarge as a router for a network, and I'm using
> >iptables. I need to log certain stuff from iptables, and I thus have
> >rules like:
> >${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dp
On Fri, 2006-06-23 at 00:18 +0200, Erik Persson wrote:
> Hey!
>
> I'm running a debian sarge as a router for a network, and I'm using
> iptables. I need to log certain stuff from iptables, and I thus have
> rules like:
> ${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit
> --limit
Erik Persson wrote:
>I'm running a debian sarge as a router for a network, and I'm using
>iptables. I need to log certain stuff from iptables, and I thus have
>rules like:
>${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit
> --limit 1/s -j LOG --log-prefix "Blaster portscan "
>Thi
Would a shell redirection fill the bill? Admittedly, this is not as
clean as fixing a config file, so:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html#LOGTARGET
looks like it has some meat to it. The suggestion of 'dmesg -n 1' would
be worth a shot anyhow. Thus endeth my expertis
Erik Persson([EMAIL PROTECTED]) is reported to have said:
> Hey!
>
> I'm running a debian sarge as a router for a network, and I'm using
> iptables. I need to log certain stuff from iptables, and I thus have
> rules like:
> ${PROG} -A FORWARD -i eth1 -o eth0 -p tcp --dport 135 -m limit
> --limi
On 05 Aug 2001 13:56:57 +0200, Martin F. Krafft wrote:
> hi all,
>
> recently, i installed a new server in a server farm, but since it
> isn't ready for production yet, it's only running ssh, everything else
> is turned off and blocked with iptables en plus. the ip address is new
> and unknown [1]
actually I just deinstalled portsentry because of this. There are a
huge number of Linux boxes out there that are desperately scanning port
111 looking for a nfs type server.
Its worth setting the trip wire level a little higher to avoid being
swamped with spurious info.
> in only one night, there have been 355 such packets logged, 133
> distinct source IP addresses total, most of them going for port 80
> do you have any idea why this could be?
Code Red is still in the wild:
http://www.cert.org/advisories/CA-2001-23.html
At least that's how I explain away the mas
My best guess is that these are typical script-kiddie connection
attempts. I too get hundreds of scans a day, many to the same ports.
> the primary candidates for connection attempts so far have been to
> 21/tcp(ftp)
Root exploits, places to get/store warez.
> 53/tcp(dns)
Root exploits.
> 80/
21 matches
Mail list logo
