[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Cobalt SHP & Portsans

Subject: RE: [cobalt-users] Cobalt SHP & Portsans
From: "Jozsef Szilagyi" <j.szilagyi@xxxxxxxxxxxxxxx>
Date: Wed Aug 14 23:27:01 2002
Organization: Atlas Telecom Network Romania
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Hi !
>> The logs:
>> eth0:portscan: 3/3/icmp x.x.x.x3 -> x.x.x.x2 102 (22)
>> 
>> Is anybody can explain what's mean each column ?
>
>The mail usually only contains one line per incident?! 

Yes the mail's only contain one entries.


>There is however a logfile (/var/log/phoenix.log) that shows the time
and date as well. I also found
http://www.sun.com/hardware/serverappliances/pdfs/manuals/manual.adaptiv
e-firewall.pdf 
>
>On page 61 starts a chapter 'Understanding the Adaptive Firewall Log
File'. 

Thank's for the link.


>The "firewall file" the document mentions seems to be at
/etc/scandetection/scandetection.fwall
>
>Sorry, can't tell you what's going on in your box, maybe you can
compare the timestamps with entries in other logfiles ...
I try to figure out the problem.

Thank you,
Jozsef Szilagyi.

References:
- Re: [cobalt-users] Cobalt SHP & Portsans
  - From: Jens-Peter Otto

Prev by Date: [cobalt-users] Qube3 Active Monitor - Network Gateway
Next by Date: RE: [cobalt-users] Raq4 Intermittently not accessible
Previous by thread: Re: [cobalt-users] Cobalt SHP & Portsans
Next by thread: [cobalt-users] Publishing on virtual host using ftp ?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index