[CentOS] log outbound port 80 connections
Ray Van Dolson
rvandolson at esri.comTue Feb 5 17:27:48 UTC 2008
- Previous message: [CentOS] log outbound port 80 connections
- Next message: [CentOS] log outbound port 80 connections
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> > To get more specific about what's going on. My network services have > informed me that the machine is probing other systems at a high rate. An > infection of some sort. And I'm trying to track down what's going on. > The LOG target lets you display the user id of the process I believe, but not the PID. There might be some iptables extensions out there that would do what you're looking for. Don't know them off the top of my head however. Alternately, perhaps you could use SELinux for this? I know its audit logs would give you the level of detail you're looking for, but getting the policy written for it might be challenging. Ray
- Previous message: [CentOS] log outbound port 80 connections
- Next message: [CentOS] log outbound port 80 connections
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list