RE: [logs] TCPwrappers logging without serving

• Previous message: Ganu Skop: "[logs] Correlation Whitepaper"
• In reply to: Wilmot, Fred: "[logs] TCPwrappers logging without serving"
• Next in thread: Wilmot, Fred: "RE: [logs] TCPwrappers logging without serving"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> -----Original Message-----

[..]

> auditing of the system.  Is there a way to use tcpwrappers to 
> log all attempts to inetd.conf services without appearing as 
> though these services are listening?  Has anyone removed the 

There is a package called IPPL - 'IP Packet Logger' by Hugo Haas and
Etienne Bernard, which logs all connections to a server - regardless of
listening services or not.

http://pltplp.net/ippl/

Don't know if it compiles on Solaris, but it does what you want - logs
connections made to any port. Both TCP & UDP. And ICMP. Quite
confgurable too. But then, the logs get quite large. And some analysis
is required.

But that's where this list comes in handy...  ;o)

~Mike




_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Wilmot, Fred: "RE: [logs] TCPwrappers logging without serving"
• Previous message: Ganu Skop: "[logs] Correlation Whitepaper"
• In reply to: Wilmot, Fred: "[logs] TCPwrappers logging without serving"
• Next in thread: Wilmot, Fred: "RE: [logs] TCPwrappers logging without serving"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 19 2003 - 19:27:16 PDT