[psad-discuss] psad ip status not showing

Wed, 30 Mar 2016 01:19:48 -0700 

I recently installed psad v2.4.3 on a centos 6.7 box and its working exept for 
a minor bug, top 25 ip address attackers and ip status detail is not showing 
when running psad status (psad -S)
Psad is logging these results so i know its working. The first time i started 
psad it showed these results bu tafter i restarted daemon its not show ip 
status and details but it logs them.


[root@fw ~]# psad -S
[+] psadwatchd (pid: 44434)  %CPU: 0.0  %MEM: 0.0
    Running since: Wed Mar 30 09:42:49 2016

[-] psad: pid file /var/run/psad/psad_fw_read.pid does not exist for 
psad_fw_read on fw.cypod.local
[+] psad (pid: 44432)  %CPU: 0.0  %MEM: 2.9
    Running since: Wed Mar 30 09:42:49 2016
    Command line arguments: [none specified]
    Alert email address(es): admin@localhost

[+] Version: psad v2.4.3

[+] Top 50 signature matches:
      "ICMP PING" (icmp),  Count: 6,  Unique sources: 1,  Sid: 384
      "ICMP Timestamp Request" (icmp),  Count: 6,  Unique sources: 1,  Sid: 453

[+] Top 25 attackers:
        [NONE]

[+] Top 20 scanned ports:
      tcp 5358  87 packets
      tcp 8080  85 packets
      tcp 443   6 packets
      tcp 27017 1 packets

      udp 161   574 packets
      udp 53    2 packets
      udp 19    1 packets

[+] iptables log prefix counters:
      "DROP INVALID PKT": 14
      "DROP PKT": 774

    Total protocol packet counters:
        icmp: 12 pkts
         tcp: 179 pkts
         udp: 577 pkts

[+] IP Status Detail:
        [NONE]

    Total scan sources: 0
    Total scan destinations: 0

[+] These results are available in: /var/log/psad/status.out

[root@fw ~]# cat /var/log/psad/top_attackers
#
# Format: <IP> <DL> <total_packets> <uniq_sigs> <sig_matches> <is_local>
#

My scanning ip  2 18 2 12 0



[Beskrivelse: Beskrivelse: cid:image002.png@01CCB97E.2ECCE6E0]



Vennlig hilsen

Johannes Lavre
IKT-Fagarbeider
Horten Videregående skole


Direkte: 93 43 75 05
Jobb: 33 07 90 57
Sentralbord: 33 07 90 00
www.vfk.no<http://www.vfk.no/>
Facebook<http://www.facebook.com/#!/pages/Vestfold-fylkeskommune/136880609677063>
Twitter<https://twitter.com/#!/vestfoldfylke>




------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785471&iu=/4140
_______________________________________________
psad-discuss mailing list
psad-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/psad-discuss

Reply via email to