similar to: Shorewall connection logging question

Hallo, in CentOS 5 fwlogwatch is available. CentOS 6: I have found nothing. Snort: installation from source? Other idea? Alternative software? OSSEC? Thank you for help in advance Best regards Helmut -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110905/1c409912/attachment.html>

I would add the below: -Recommend using CentOS 4.0 -Use squid rpm, no tar (this is for new users I'm guessing). -Recommend using etherape and iptraf (available as rpms) for a graphical overview of traffic. http://etherape.sourceforge.net/ -Recommend the use of chkrootkit, and TCP Wrappers (at the least put ALL: ALL EXCEPT PARANOID in /etc/hosts.allow) to protect servers. -Provide some

Hi, on a system RedHat 8.0, only on this, not on other various RedHat8.0, I have see the follow strange error in /var/log/{messages,boot.log} ..... After the boot all it seems to work, the modules is loads.... I have already tried to install other versions of kernel but the problem is always the same one :-(( Someone has some idea of what is happening? Thanks... Dario Lesca

Announcement and Call for Papers -------------------------------- NordU2002- The fourth NordU2002/USENIX Conference February 18-22, 2002 Helsinki, Finland Information regarding The fourth Nordic EurOpen/USENIX Conference, to be held in Helsinki, Finland, February 18-22, 2002. A Conference organised by EurOpen.SE ? The Swedish Association of Unix Users, and affiliate of USENIX, The Advanced

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=498 cfilin@intermedia.net changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chip@innovates.com -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are

I''m just looking into how to connect to Oracle using Rails. I''ve got everything connecting and working as it should. I have a Users table in Oracle: create_table "users", :force => true do |t| t.column "username", :string t.column "created_on", :datetime t.column "email", :string t.column "note", :text

Hi, after some experience with Rails on MySQL databases I gave it a try on one of our larger Oracle database. I was facing a problem when Rails tried to detect the columns for a model/table. The appropriate statement ran about 1 min which led to a timeout. Our Oracle guru told me to analyze the SYSTEM schema. After that hadn''t helped, he said the only remaining chance is to use a

Near the end of section 15.10, the following commands are shown for prioritizing SYN packets: iptables -t mangle -I PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j MARK --set-mark 0x1 iptables -t mangle -I PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RETURN Shouldn''t the "-I" option really be "-A"? Like so: iptables -t mangle -A

Am 23.06.2020 08:43, schrieb Luca Bertoncello: And another thing, I discovered right now... > Could you suggest me something to restrict the problem? > Currently, I think the problem can be: > > 1) on Asterisk > 2) on my Gateway/Firewall A couple of years ago I added this entry in my firewall: /sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS

Hi, First of all, I know that not dropping SYN/FIN isn't really a big deal, it just makes no sense. But since it doesn't make any sense, I don't see the reason why not to discard them. I'm running pf on FreeBSD 5.4-RELEASE-p3 and I scrub any traffic. I've read some other posts on google and as far as I can tell, clearly invalid packets (like packets with SYN/RST set) is

Hello, I current have a FreeBSD 4.8 bridge firewall that sits between 7 servers and the internet. The servers are being attacked with syn floods and go down multiple times a day. The 7 servers belong to a client, who runs redhat. I am trying to find a way to do some kind of syn flood protection inside the firewall. Any suggestions would be greatly appreciated. -- Ryan James ryan@mac2.net

There has been a low continuing level of confusion over the terms "Source NAT" (SNAT) and "Static NAT". To avoid future confusion, all instances of "Static NAT" have been replaced with "One-to-one NAT" on the web site and in the CVS configuration files (Shorewall/ project). The documentation in 1.4.9 will also contain this change. -Tom -- Tom Eastep \

Hello Everyone, I have 2 different suggestions about syn-cookies method which is used to block syn-flood attacks. Syn cookies bitwise image --------------------------------------------- T(5 bits) ---MSS(3 bits)-----H(24 bits) --------------------------------------------- So, 1- T value can be decreased to 2 bit which is already 5 bit.And hash value will be 27 bit. 2-Normally syn-cookies is

Dear R experts, I have a Matlab code which I am translating to R in order to examine and enhance it. First of all, I need to reproduce in R the results which were already obtained in Matlab (to make sure that everything is correct). There are some matrix manipulations and '\' operation among them in the code. I have the following data frame > ABS.df Pro syn

Hi folks, I have here a database node running # rpm -qa | grep mysql-server mysql55-mysql-server-5.5.52-1.el6.x86_64 on # virt-what vmware that seems to have a connection problem: # dmesg |grep SYN |tail -5 possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on port 3306. Sending cookies. possible SYN flooding on

Hi, folks @ freebsd-security. First, I am not sure if this is apropriate topic for that list, so sorry, if it is not. Some time ago I have read rfc1948 (protection from blind TCP spoofing) and became interested in the way how it is implemented in FreeBSD. After some googling (BTW if you like Google you might be interested in this: http://register.spectator.ru/img/bart.gif ), I found this:

Heya, FREEBSD 4.9-STABLE Is there anyway to block SYN attacks and prevent it from bring down my server? Its been attacking for sometime.

Dear R-List member, I have a problem when I'm trying to save two arrays from a foreach-loop. I'm also not sure whether this is possible or just my inexperience. However, this works perferctly fine with a for-loop. Here is an example code - any help is much appreciated!!: ############ n.vpn = 2 n.run= 3 # create to empty matrices sme = matrix(NA,4,n.vpn) test = matrix(NA,4,n.vpn) #

Hi, any idea if (when?) a new version of those RPMs with rollback included will become available for CentOS 4? Thanks, MaZe.

Hi, I have shorewall version 1.4.10g on Redhat 9 Local clients are on eth1 in subnet 192.168.3.0/24. eth0 is for the outside (over xdsl with includes a ppp0 interface). Nessus (nessusd) is installed *on the firewall* and managed trough nessus (the client or frontend) running on one of the internal machines. When I was running a scan against 194.152.181.36 I observed several entries like