[ILUG] ipchains logs and nmap audit
Subba Rao
subb3 at attglobal.net
Sat Jan 22 13:27:18 GMT 2000
On 0, kevin lyda <kevin at suberic.net> wrote:
> Subba Rao wrote:
> > ipchains -A input -i ppp0 -p TCP --destination-port 21 -l -j DENY
> >
> > Why are these ipchains not doing any logging? I do have the -l option
> > invoked for logging. The packet is supposed to be denied at the IP level
> > and then logged into syslog. When I try to connect from another address to
> > the IP address of the ppp0 interface, nothing gets logged. Instead, the tcplogd daemon
> > captures it into the log. tcplogd is an application level filter and not at IP level.
> > Why is this ipchains rule (and others) not getting logged?
>
> never covered this before, but as a guess, what level does it get logged
> at? syslog accepts messages with different levels and then can be
> configured toput them in specific logs or to ignore them. see
> /etc/syslog.conf.
>
> on my redhat 6.1 box it doesn't seem to log kernel messages?
>
I do extensive logging. None of the log files seem to register the audit.
Besides ipchains is being used with the logging option.
Subba Rao
subb3 at attglobal.net
http://pws.prserv.net/truemax/
=> Time is relative. Here is a new way to look at time. <=
http://www.smcinnovations.com
More information about the ILUG
mailing list