[ale] Firewall logging

Jim Seymour bluejay at speedfactory.net
Fri Jul 4 09:18:11 EDT 2003


On Fri, 4 Jul 2003, Jonathan Glass wrote:

> Jim Seymour wrote:
> 
> >Hi All,
> >
> >	I know this sounds like a really newbie question but here goes.  I 
> >have been looking around (google, redhat, etc.) trying to find out how to 
> >tell if someone is trying or has tried to get into your system.  I know 
> >there are files/logs that catch this however I cannot locate any that my 
> >system has.  This is a RedHat 7.3 system and it is not running a 
> >webserver.  I've looked at /var/log/messages however surely there is 
> >another/better option.  Netstat will only give me info on current 
> >connections, right?  I think the default firewall for this system is  
> >ipchains.
> >
> >TIA,
> >
> >  
> >
> It is, but you must enable logging in your IPCHAINS rules.  Check out 
> the -l flag.  In IPCHAINS you can append -l to whatever rules you want 
> to monitor, and, IIRC, it will put it in /var/log/messages.
> 
> HTH
 
Thanks Jonathan,

	I will look into it pronto :-) 

-- 
Jim Seymour
www.wingbarscafe.com

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list