I can't remember where, but I know that I *did* hear/read sometime in the
very near past about something being buggy about syslogd--don't know if it
was a version problem or an install problem (or whatever else...)
Have you tried stopping syslog and doing an rpm -Uvh
or maybe an rpm -i --replacepkgs on the syslogd rpm? I don't see an
update for it, so I don't think the version itself is buggy, but maybe
something happened at some point with your install of the daemon.
--Greg
> > You've gotten Logcheck from Psionic, did you also get (and install)
> > Portsentry?
>
> I certainly did.
>
> > If portsentry was tripped, and added the offending host to the route
table
> > and the IP to the /etc/hosts.dent file, no packets will be logged for
that
> > host anymore.
>
> 'Fraid not. No-one's got through the firewall to PortSentry. Nothing has
> been added to either /etc/portsentry/portsentry.blocked.atcp or
> /etc/portsentry/portsentry.blocked.audp so no-one's tripped it. Also I
have
> PortSentry configured so that it's using ipchains, not TCP wrappers, and
the
> ipchains rule it uses to block intruders includes the -l flag.
>
> > Or, is it that DENY pakect logging stops altogether for ALL
> > offenders after
> > a while?
>
> That's the sucker! A reboot cures it briefly, but you know how us Linux
> peeps hate reboots ;-)
>
> Thanks,
>
> Tony
>
>
______________________________________________________________________________
message envoye depuis http://www.ifrance.com
emails (pop)-sites persos (espace illimite)-agenda-favoris (bookmarks)-forums
Ecoutez ce message par tel ! : 08 92 68 92 15 (france uniquement)
