Re: syslog.conf

From: Stachu 'Dozzie' K. <dozzie_malpka_dynamit.im.pwr.wroc.pl.nospam>
Date: Sun Oct 17 2004 - 18:31:00 CEST

On 2004-10-17, Grzesiek D. wrote:
> what entry do I have to put in the config so that messages does not get these entries:
>
> ...
> Oct 17 07:39:01 raven portsentry[307]: attackalert: TCP SYN/Normal scan
> from host: p508F72C2.dip.t-dialin.net/80.143.114.194 to TCP port: 135
> Oct 17 07:39:01 raven portsentry[307]: attackalert: Host 80.143.114.194
> has been blocked via dropped route using command: "iptables -I portsentry
> -s 80.143.114.194 -j REJECT"
> Oct 17 07:42:39 raven portsentry[307]: attackalert: TCP SYN/Normal scan
> from host: 32.Red-80-37-188.pooles.rima-tde.net/80.37.188.32 to TCP port:
> 135
> ...
>
> the point is that I want the portsentry logs in a file other than messages,
> it clutters it up terribly
> currently, as far as messages goes, I have the default setting.
>
> *.info;*.!warn;\
> authpriv.none;cron.none;mail.none;news.none -/var/log/messages

And with what type and priority does portsentry log events? Maybe that
can be set?

--
Stanislaw Klekot
Received on Tue Oct 19 00:37:46 2004
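
An added example, not part of the original message: a small evaluator for sysklogd-style selectors, applied to the selector quoted above, showing why the facility and priority asked about in the reply decide whether a line lands in /var/log/messages. The pairs daemon.notice and local3.notice are sample inputs chosen for illustration, not portsentry's confirmed settings.

```python
# Added example: evaluates a sysklogd-style selector for one facility.priority.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp"] + [f"local{i}" for i in range(8)]

def build_masks(selector):
    """Return {facility: set of priority names} accepted by a selector."""
    masks = {f: set() for f in FACILITIES}
    # Join backslash-continued lines, then apply the ';' parts left to right.
    for part in selector.replace("\\\n", "").split(";"):
        part = part.strip()
        if not part:
            continue
        facs, pri = part.rsplit(".", 1)
        targets = FACILITIES if facs == "*" else facs.split(",")
        negate = pri.startswith("!")      # '!' removes instead of adding
        pri = pri.lstrip("!")
        exact = pri.startswith("=")       # '=' means this priority only
        name = pri.lstrip("=")
        name = ALIASES.get(name, name)
        if name == "none":                # 'none' clears the facility
            chosen, negate = set(PRIORITIES), True
        elif name == "*":
            chosen = set(PRIORITIES)
        elif exact:
            chosen = {name}
        else:                             # named priority and everything more severe
            chosen = set(PRIORITIES[:PRIORITIES.index(name) + 1])
        for f in targets:
            masks[f] = masks[f] - chosen if negate else masks[f] | chosen
    return masks

def logs_to(selector, facility, priority):
    """True if a message with this facility and priority matches the selector."""
    return ALIASES.get(priority, priority) in build_masks(selector)[facility]

# Selector quoted in the message above, without the action (-/var/log/messages).
MESSAGES = "*.info;*.!warn;\\\nauthpriv.none;cron.none;mail.none;news.none"

if __name__ == "__main__":
    # Sample pairs (assumptions for illustration, not portsentry's known settings).
    for fac, pri in [("daemon", "notice"), ("daemon", "warn"), ("local3", "notice")]:
        print(f"{fac}.{pri} -> messages: {logs_to(MESSAGES, fac, pri)}")
    print("local3.notice with ';local3.none' appended:",
          logs_to(MESSAGES + ";local3.none", "local3", "notice"))
```

Only info and notice survive the `*.info;*.!warn` pair, so a source can be kept out of messages either by logging it to a facility excluded with `.none` or at a priority outside that window.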
