From: Han (han_at_mijncomputer.nl)
Date: Tue Aug 06 2002 - 10:39:46 CDT
Jan Johansson (janj+openbsd wenf.org) wrote:
> On Tue, Aug 06, 2002 at 04:13:46PM +0200, Han wrote:
> > Jan Johansson (janj+openbsd wenf.org) wrote:
> > >
> > > This is in my root crontab.
> > >
> > > 0 */6 * * * /usr/sbin/tcpdump -n -e -tttv -r /var/log/pflog | /usr/local/sbin/pf.pl
> >
> > Don't you get the problem that some logs are not sent and others are
> > sent double?
>
> dshield keeps a timestamp on the last logline sent so a line is never
> sent two times, from my config:
>
> # This file contains the date of the last submitted log entry.
> linecnt=/etc/dshield/linecnt
Ah right, brilliant.
> But some line might not be sent. But it is not a big problem for me as
> my pflog is rotated once a week or so.
Yes I am still being bugged by a two week old ddos attack. There are
about 20 forgotten zombies still "attacking" me, so every hour there is
a new logfile. The advantage of my system is that it is lighter on the
system resources since no line is checked twice and doesn't forget any
logs. But it is not very important I guess.
Cya, Han.
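
The last-submitted-timestamp idea discussed in this thread, as an added example that is not part of the original messages and is not the DShield client's own code. It shows why re-reading the same log every six hours sends nothing twice, and how reading the rotated file together with the current one recovers lines that would otherwise be missed. The epoch-seconds first field, the function names and the sample entries are assumptions constructed for illustration.

```python
import os
import tempfile

def load_mark(path):
    """Timestamp of the last submitted entry, or 0.0 when no state exists."""
    try:
        with open(path) as f:
            return float(f.read().strip())
    except (FileNotFoundError, ValueError):
        return 0.0

def save_mark(path, ts):
    """Replace the state file atomically so a crash cannot truncate it."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as f:
        f.write(repr(ts))
    os.replace(tmp, path)

def new_entries(lines, mark):
    """Return (lines with a timestamp newer than mark, newest timestamp seen)."""
    fresh, newest = [], mark
    for line in lines:
        try:
            ts = float(line.split(None, 1)[0])
        except (IndexError, ValueError):
            continue  # blank or unparsable line
        if ts > mark:  # an entry sharing the mark's exact timestamp is skipped
            fresh.append(line)
            newest = max(newest, ts)
    return fresh, newest

def run_once(lines, state_path):
    """One cron run: pick unsubmitted lines, then advance the stored mark."""
    fresh, newest = new_entries(lines, load_mark(state_path))
    if fresh:
        save_mark(state_path, newest)
    return fresh

def demo():
    # Constructed entries; epoch-seconds first field is an assumed format.
    l1, l2, l3, l4 = (f"{t} block in on fxp0: 192.0.2.7.1025 > 198.51.100.1.80"
                      for t in ("1028644786.10", "1028644790.55",
                                "1028644800.00", "1028644900.00"))
    with tempfile.TemporaryDirectory() as d:
        state = os.path.join(d, "linecnt")
        first = run_once([l1, l2], state)    # both lines are new
        second = run_once([l1, l2], state)   # same file re-read, nothing resent
        # l3 is logged, then the log rotates before the next run; l4 opens the
        # new file. Reading old + new picks up l3 without resending l1 and l2.
        third = run_once([l1, l2, l3] + [l4], state)
    return first, second, third
```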