Hi!

[EMAIL PROTECTED]:/etc/firewall] # uname -a
FreeBSD netserver 6.1-STABLE FreeBSD 6.1-STABLE

[EMAIL PROTECTED]:/etc/firewall] # snort -V
  o"  )~   Version 2.7.0.1 (Build 36)

[EMAIL PROTECTED]:/var/ossec/bin] # ./ossec-control start
Starting OSSEC HIDS v1.2 (by Daniel B. Cid)...

Error on ossec.log:

[EMAIL PROTECTED]:/var/ossec/bin] # tail -f /var/ossec/logs/ossec.log
2007/11/27 16:02:57 ossec-logcollector(1950): Analyzing file: '/var/log/xferlog'.
2007/11/27 16:02:57 ossec-logcollector(1950): Analyzing file: '/var/log/vsftpd.log'.
2007/11/27 16:02:57 ossec-logcollector(1950): Analyzing file: '/var/log/maillog'.
2007/11/27 16:02:57 ossec-logcollector(1950): Analyzing file: '/var/log/snort/alert'.
2007/11/27 16:02:57 ossec-logcollector: Started (pid: 7840).
2007/11/27 16:05:07 ossec-logcollector: Bad formated snort full file.

Last messages on snort alert file:

[EMAIL PROTECTED]:/var/ossec/bin] # tail -f /var/log/snort/alert
[Classification: Potentially Bad Traffic] [Priority: 2]
11/27-16:20:16.465158 200.165.132.154:53 -> 189.71.104.90:55045
UDP TTL:248 TOS:0x0 ID:15868 IpLen:20 DgmLen:80 DF
Len: 52

[**] [122:7:0] (portscan) TCP Filtered Portsweep [**]
[Priority: 3]
11/27-16:20:45.780261 189.71.104.90 -> 66.249.83.83
PROTO:255 TTL:0 TOS:0x0 ID:12568 IpLen:20 DgmLen:167 DF

Any suggestions?

Thanks in advance... sorry for my poor English :-)


-- 
Welkson Renny de Medeiros
Focus Automação Comercial
Desenvolvimento / Gerência de Redes
[EMAIL PROTECTED]



                      Powered by ....

                                           (__)
                                        \\\'',)
                                          \/  \ ^
                                          .\._/_)

                                      www.FreeBSD.org 
