[c-nsp] Log analyzer/ACL advice
Jason Lewis
jlewis at packetnexus.com
Fri Jan 5 11:25:13 EST 2007
I wrote an ACL summarizer that you could probably modify for your task.
http://packetnexus.com/aclsumm.txt
jas
Drew Weaver wrote:
> I'd like to setup honeypots within my network which have no useful
> services what-so-ever running on them for the purpose of detecting and
> ultimately preventing any network access to various types of security
> bots (SSH scanners, brute force pw types). Has anyone ever found a
> package or a simple script for linux that will look in the /messages log
> (or any other log) and advise ACL/Null routes based on observed attacks?
>
> thanks,
> -Drew
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list