Den 10.09.2012 02:12, skrev hernani:
> hello,
>
> I install ubuntu 12.04 and psad, but psad no detect activity scanner
> nmap, i install version 2.2 of psad.
> Psad dont show any errors.
> can someone help me?
>
> Thank you
>
> hernani
>
> ---
[NONE]
Total scan sources: 0
Total scan destinations: 0
[+] These results are available in: /var/log/psad/status.out
[root@fw ~]# cat /var/log/psad/top_attackers
#
# Format:
#
My scanning ip 2 18 2 12 0
[Beskrivelse: Beskrivelse: cid:image002.png@01CCB97E.2ECCE6E0]
Vennli
If i ignore local interface, networks or ports in psad main config file i
cannot use psad in csv or gnuplot mode with local traffic in logs. I use psad
for parsing csv files and graphing firewall logs.
Example:
Local.log contains only localtraffic grepped with cat /var/log/messages|grep
DROP|g
p.csv
Psad -m local.log -O custom.conf -gnuplot -CSV-fields "timestamp dp:counthour"
-gnuplot-file-prefix localdrop
From: Johannes Lavre [mailto:johann...@vfk.no]
Sent: 23. juli 2016 10:40
To: psad-discuss@lists.sourceforge.net
Subject: [psad-discuss] psad config csv and gnuplot
If i
Check if this is enabled in the config.
SHOW_ALL_SIGNATURES
If set to "Y" instructs psad to either include all scan signatures associated
with an IP address in every new email alert for the IP. Note that this may
result in long email alerts if an IP is persistantly hitting your site with
suspic