Date: Tue, 29 Feb 2000 01:46:53 +0300 From: Lev Serebryakov <lev@imc.macro.ru> To: All <freebsd-security@FreeBSD.org> Subject: ipfw log accounting Message-ID: <1774.000229@imc.macro.ru>
next in thread | raw e-mail | index | archive | help
Hi, All! Are there some tools to analyze output of "deny log ip from any to any" ipfw rule and find dangerous activity, like portscans and other? I want to analyze log every hour, and reset log counters after it. I don't want to receive messages about every single dropped packet. And one more question: How could I write rule, which skip all broadcast traffic? My computer is on big provider's net, and here is more than one broadcast address (many subnets on one wire)... Lev Serebryakov, 2:5030/661.0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1774.000229>