Portsentry no loguea eventos
Hola, instale de nuevo Portsentry y retoque el archivo
portsentry_config.h y /etc/syslog.conf para que loguee en
/var/log/portsentry todos los eventos de port scaning sobre mi PC. Pero
luego de ejecutar desde otra PC el comando "nmap -P0 mi_host" y "nmap
-sU mi_host" no sale ningun evento en el log, es como si no hubiera
ocurrido ningun escaneo de puertos.
El archivo /var/log/portsentry mio dice solo esto:
mi_host:/etc/portsentry# tail -f /var/log/portsentry
Aug 8 23:13:50 portsentry[7136]: adminalert: Going into listen mode on
TCP port: 32774
Aug 8 23:13:50 portsentry[7140]: adminalert: Going into listen mode on
UDP port: 31337
Aug 8 23:13:50 portsentry[7136]: adminalert: Going into listen mode on
TCP port: 31337
Aug 8 23:13:50 portsentry[7140]: adminalert: Going into listen mode on
UDP port: 54321
Aug 8 23:13:50 portsentry[7136]: adminalert: Going into listen mode on
TCP port: 40421
Aug 8 23:13:50 portsentry[7140]: adminalert: PortSentry is now active
and listening.
Aug 8 23:13:50 portsentry[7136]: adminalert: Going into listen mode on
TCP port: 40425
Aug 8 23:13:50 portsentry[7136]: adminalert: Going into listen mode on
TCP port: 49724
Aug 8 23:13:50 portsentry[7136]: adminalert: Going into listen mode on
TCP port: 54320
Aug 8 23:13:50 portsentry[7136]: adminalert: PortSentry is now active
and listening.
Por favore necesito su ayuda para ver que puede pasar que no me loguea
los escaneos con nmap.
Muchas gracias
alejandro.-
Reply to: