By Default, SSH isn't running on IPcop. Can you connect with Putty? Kev.
----- Original Message ----- From: "Shawn" <[EMAIL PROTECTED]> To: "CLUG (E-mail)" <[EMAIL PROTECTED]> Sent: Sunday, November 02, 2003 2:20 PM Subject: (clug-talk) SnortSnarf for IPCop on a different computer? > I've been playing with Snort on my server over the past week. The downside > is that I can't really tell how well it's working because my IPCop firewall > is blocking everything. This is a good thing! But, I'd like to try running > SnortSnarf to report the attacks on my system. I just tried to export the > intrusion detection logs from IPCop, but I don't think they export to a > format compatible with snort. > > So, I'm looking for ideas on how to get the snort log files on the IPCop box > moved to my server automatically (and peridically through cron), so I can > run SnortSnarf against them. The server doesn't have FTP configured, nor > does the IPCop firewall. Both have SSH configured, but I haven't been too > sucessful at doing an ssh session to the firewall from the server (just > tried, with port 22 and 222). > > Any thoughts or suggestions? Thanks. > > Shawn > > >
