Date: Sat, 12 Oct 2002 00:45:20 -0500 From: "Maildrop" <maildrop@qwest.net> To: "sonam singh" <sonam_singh_s@yahoo.com>, maildrop@qwest.net, freebsd-security@freebsd.org Subject: RE: monitor ALL connections to ALL ports Message-ID: <NGBBIILBAKIFGHHCHOHPEEDEFJAA.maildrop@qwest.net> In-Reply-To: <20021012052641.80433.qmail@web40508.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I looked at those, but I was looking for more of a Daemon that runs it the background 24-7, and logs all connections without interaction from admin (ie. me :) regards, jack > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of sonam singh > Sent: Saturday, October 12, 2002 12:27 AM > To: maildrop@qwest.net; freebsd-security@freebsd.org > Subject: Re: monitor ALL connections to ALL ports > > > u can use packet analyzer or sniffer run the network > card in promiscous mode use ntop or snmp with mrtg or > tcpdump or etheral > regards > Sonam Singh > > > --- Maildrop <maildrop@qwest.net> wrote: > > > > I currently have a DSL line and a FreeBSD > > firewall/gateway (dual homed). It > > has one internal IP address and 5 external IP > > address (one "real" ip and 4 > > alaises on same external nic). > > > > What I want to do is montior and record (to log) all > > incoming/outging > > connection (just source ip/dest ip/port). If > > someone connects to my web > > server it should log what ip accessed it, the time, > > which ip (web server > > runs on 2 external ip address) and the port. Also > > if someone does a port > > scan against the box I should be able to tell it is > > a port scan (since one > > ip address would be opening up a bunch of ports). > > > > Right now I don't care what data is being > > sent/received, just what > > connections are being made (and the details about > > those connections). > > > > Any suggestions? > > > > Regards, > > Jack > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of > > the message > > > __________________________________________________ > Do you Yahoo!? > Faith Hill - Exclusive Performances, Videos & More > http://faith.yahoo.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NGBBIILBAKIFGHHCHOHPEEDEFJAA.maildrop>