Tugger the SLUGger!SLUG Mailing List Archives

RE: [SLUG] Simple tool to monitor remote scans/probs

I can't see this works very well considering some machines from outside may
be allowed to come in and others not..

easily done but using the 

ALL:		ALL		:	spawn (/bin/securescript %n %a %d)

echo Non authorised access to $3 from $2 | logger -p local0.notice -t
echo "`date +%d/%m/%y` : $3 - $2 $1" >>/var/log/securityattempt.log

This will create a Security process log in your messages file and also log
the details in you /var/log/securityattempt.log file


George Vieira
Network Administrator
PGP Fingerprint :	43DC 92AC 1A82 27B2 E97B  52F1 B60F 301A 38A9
PGP KeyID:		0x38A9A10C

-----Original Message-----
From: Jeff Waugh [mailto:jdub@xxxxxxxxxxx]
Sent: Thursday, September 14, 2000 11:21 AM
To: slug@xxxxxxxxxxx
Subject: Re: [SLUG] Simple tool to monitor remote scans/probs

> Matt wrote:
> if anyone has been scanning my ports, trying ports,
> trying to telnet in etc.

... and so much more (for use in combination with your usual ipchains and
system logging):


- Jeff

-- jdub@xxxxxxxxxxx ------------------------------- http://linux.conf.au/ --

        Ye shall be cursed to fall in love so easily, and yet be so
                     cold of heart as never to express it.

SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug