[techtalk] Better snort/logcheck reporting
Kath
ranger at optonline.net
Sun Apr 22 00:26:48 EST 2001
Does anyone know of a way for better snort/logcheck out putting?
I get stuff from ipop3d about regular (completely normal) pop3 logins by myself. I'd rather not get these all together.
Also I'm getting the following:
Apr 21 22:30:59 hwnet pptpd[2226]: CTRL: Client 24.186.89.xx control connection started
Apr 21 22:30:59 hwnet pptpd[2226]: CTRL: EOF or bad error reading ctrl packet length.
Apr 21 22:30:59 hwnet pptpd[2226]: CTRL: couldn't read packet header (exit)
Apr 21 22:30:59 hwnet pptpd[2226]: CTRL: CTRL read failed
Apr 21 22:30:59 hwnet pptpd[2226]: CTRL: Client 24.186.89.xx control connection finished
I recently dpkg --purge pptpd and I thought I got this removed, so why am I getting these spit out in the logs?
I'd rather see only specific stuff, like known attacks and portscans.
- Kath
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxchix.org/pipermail/techtalk/attachments/20010422/3a81314e/attachment.xhtml
More information about the Techtalk
mailing list