[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] portsentry/watchlog

Subject: [cobalt-users] portsentry/watchlog
From: eicherlist <eicherlist@xxxxxxxxxx>
Date: Tue Jun 5 20:11:58 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

hi list

I'm  working with portsentry on a RAQ3. I would like to be informed by not
allowed scans of wellknown ports, with an email. that works everything. if
somebody scans on all thousand wellknown ports, then i get for every scan a
email.

what is wrong on the following pattern-definition? (watch-3.0.1)

config on watchlog:
watchfor     /attackalert|expn/
        echo=normal
        mail=alarm,subject=--- Attack Alert! ---
        throttle 5:00 0:16

thanks
rene

Prev by Date: [cobalt-users] relay mail through a cobalt raq3 server while the smtp authentication is installed
Next by Date: Re: [cobalt-users] [RaQ3] Sendmail problem- domain must exist
Previous by thread: [cobalt-users] nameservers disappearing on raq3
Next by thread: [cobalt-users] The Sun CobaltT Developer Kit v1.3 for Java

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index