From owner-freebsd-security Fri Jun 27 12:31:44 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id MAA10317 for security-outgoing; Fri, 27 Jun 1997 12:31:44 -0700 (PDT) Received: from weblock.tm.net.my (weblock.tm.net.my [202.188.0.180]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA10301 for ; Fri, 27 Jun 1997 12:31:37 -0700 (PDT) Received: from lovebox ([202.184.153.17]) by weblock.tm.net.my (Post.Office MTA v3.1 release PO203a evaluation license) with SMTP id AAA14548; Sat, 28 Jun 1997 03:31:50 +0800 Message-Id: <3.0.32.19970628032232.009047b0@mail.tm.net.my> X-Sender: sweeting@mail.tm.net.my X-Mailer: Windows Eudora Pro Version 3.0 (32) To: Tony Harverson From: chas Subject: Re: how can we monitor in real time ? (was Re: probing from Cc: freebsd-security@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Sat, 28 Jun 1997 03:31:50 +0800 Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Thank you very much Tony, >There is a piece of software called "logsurfer" which can be configured to >watch log files and take any action that can be entered at the command line >eg : tcp denys to someone of my machines get paged to me.. > >haven't get a url for it at the moment - seems to have a port in the freebsd site so that is a good sign - http://hobbes.cdrom.com/pub/FreeBSD/ports-current/misc/logsurfer/ >give me a yell if you get stuck. thank you .... hopefully it will be ok if it's been ported. (he says, putting the kiss of death on it) chas ps. thanks also to Guy & Bryan for the swatch tips... i'll have a look-see at that too.