Fedora Servers :: Syslog Listening On Port 514 For Both Firewall And IDS Logs?

Jan 17, 2010

Currently Im having a syslog server that consolidate firewall logs on port 514 udp. Im also having a IDS device that I wish to push its logs to this particular syslog server so that I can retrieve my IDS logs on this server as well.

Is it possible to do so?Having syslog listening on port 514 for both firewall and IDS logs? If it is possible will the logs be recorded in a single log file?Or will it be recorded in a separate log file ie. firewall.log, IDS.log etc?? I wish to have them in separate individual log files or else there will be hard time segregating the log entries in a single file. Can anyone advice on how to achieve this??

View 2 Replies


ADVERTISEMENT

Ubuntu Servers :: Named Is Listening On The Wrong Port?

Jul 11, 2010

update:

Code:
luke@media:~$ sudo service bind9 restart
* Stopping domain name service...

[code]....

View 4 Replies View Related

Fedora :: Finding PID Associated With Listening Port

Sep 25, 2009

When I do netstat -pantu it shows a dash where the pid would be. I have also checked lsof -i and see no pid associated with the port. How do I find what program is keeping the port open?

View 1 Replies View Related

OpenSUSE Network :: Firewall Logs Are In /var/log/{firewall,warn,messages} - Clutter?

Mar 25, 2011

I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.

View 9 Replies View Related

General :: SFTP Server Port Blocked On Uni Network / Need To Change Listening Port

Oct 21, 2010

VERY new to linux, erm but I have an issue that needs solving!I recently moved to university, where their network blocks sftp port 22, this means that I cannot connect to my FTP server which is running a version of linux.Now I've got this ftp server connected to a seedbox and it was created using the following walk through..Code:I have written this guide for a friend, but I though it would be useful for others as well.

There are several guides floating around, but I found that most always cock up in some way. This one is tried and tested to work on Debian Etch (on an OVH rps, but should apply to most servers).If there is a new stable release of rtorrent/libtorrent then I will update this guide to show you how to update it (without reinstalling the whole server).

At the bottom there are also instructions to install ftp access & some network monitoring software.Basically, I would really like someone to be able to construct the commands on how to change the listen port for sftp connection on linux or add another port to the list that Linux would use so that I could put in through putty.

View 2 Replies View Related

Server :: SSH Is Still Listening On Port 22 After Change To A New Port?

Apr 6, 2011

I edited "sshd_config" file and changed port 22 to a new port. After I restart ssh, it listens on port 22 and the new port. How can I disable SSH to listen on port 22? I'm using Debian.

View 6 Replies View Related

General :: Disable Cron Logs From Php-syslog-ng?

Aug 9, 2010

i installed php-syslog-ng 2.9.8m in RHEL5 box. I saw logs from the local machine once the cron execute in every one minute.I dont need to appear those in my syslog console. I want to disable these from my linux box.How can i archive this

View 1 Replies View Related

Security :: Syslog - Missing Entries To Logs

May 23, 2011

CentOS 5.6 Server patched to latest, multiple name-based apache virtual hosts. SELinux OFF Everything was working fine until the other day. I've been making quite a lot of changes so it may well be something I've done, but I can't find out what! Last night I got the following in my logwatch : -

Requests with error response codes
404 Not Found
/admin/phpmyadmin/scripts/setup.php: 1 Time(s)
/admin/pma/scripts/setup.php: 1 Time(s)
/admin/scripts/setup.php: 1 Time(s)
/db/scripts/setup.php: 1 Time(s)
/dbadmin/scripts/setup.php: 1 Time(s)
[Code]...

The problem is that NONE of my logs, secure, httpd, messages, NONE of them, show any trace of these hacking attempts. They used to show up in secure and apache error logs, but no longer.

View 2 Replies View Related

Server :: Configuring Syslog And Exporting Of Logs?

Jan 17, 2011

configure syslog server on ubuntu now i want to export logs of windows and ubuntu desktop to the syslog server

View 6 Replies View Related

General :: Forward System Logs To Syslog Server?

Sep 24, 2009

I'm running Ubuntu Desktop 9.10. How do I get it to forward its logs to a syslog server (its running on a different machine)?

View 2 Replies View Related

Software :: Remote Syslog Logging For Apache Logs ?

Feb 2, 2009

For remote syslog logging of the general log files, I set:

Quote:

How do I setup the remote syslog logging of apache logs? Do I just add a line in the httpd.conf file to for example ?:

Quote:

View 2 Replies View Related

CentOS 5 :: Syslog-ng Remote Clients But No Local Logs?

May 13, 2010

I installed syslog-ng so I can receive remote logs. this is working however since I disabled syslog on my syslog-ng server I am not logging in /var/log/messages cron and some others.locally)I know this is because my syslog-ng.conf only references remote and not local.How can I edit the syslog-ng.conf file so that I can receive remote and local? I tried this however when adding in portions of the default config, I only receive local and not remote logs anymore. I am forwarding my config.

# syslog-ng configuration file.
#
# This should behave pretty much like the original syslog on RedHat. But

[code]....

View 2 Replies View Related

Fedora Servers :: Postfix Only Listening On Localhost ?

Oct 27, 2009

I am trying to get my own email server set up, and so far its been going pretty smooth, The only thing that is not working right now is receiving emails. I can send email just fine, and when they are sent they are even sent from the proper addresses, but when I try to send an email to my domain, it does not go through.

I have the port forwards set up on my router to send all traffic on port 25 over to my mail server, I can telnet to the smtp server from the localhost just fine, but when I try to telnet from another computer on my network it gives me this message

Quote:

So I ran a netstat -an on my mail server to see what ip address smtp is listening on and I get this result


Quote:

Now most guides I find for this problem just say to un comment the line in the master.cf that says "smtp inet n - - - - smtpd", the problem is that line is already uncommented and I am still not able to telnet to port 25 from any machine on my network.

Here is my main.cf, tell me if there is anything that I can do.

Quote:

View 3 Replies View Related

Security :: Support Of Third Party Tools Logs In Syslog/rsyslog?

Aug 23, 2010

I am searching that how i can configure syslogs/rsyslog to receive third party tools or softwares logs. For example i have a program that generates logs like when it is started and logs about its services, alerts if there are any alarms etc. I want to forward these logs using syslogs/rsyslog. Is their any possibility how can i achieve that

View 2 Replies View Related

CentOS 5 Server :: Rotating Named Logs Via Syslog.conf?

Mar 1, 2010

OS CentOS 5.4 I have a DNS server that is logging all named and dns requests to the chrooted named directory. By default named logs to /var/log/messages but I want to isolate all the dns queries and requests to separate files. I know I can add entries to /etc/syslog.conf to "roll" the logs and logrotate should pick them up but fuzzy as to the syntax. I don't know what "tag" to use in the first fieild. for example

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none/var/log/messages

Here is the logging section of my named.conf

# pwd
# /var/named/chroot/etc
logging
{

[code]....

View 5 Replies View Related

Ubuntu Networking :: Configure 10.4 Machine To Write Its Logs To A Syslog Server?

Oct 18, 2010

how does one configure a Ubuntu 10.4 machine to write its logs to a syslog server?

View 1 Replies View Related

Networking :: How To Allow A Port In Fedora Firewall

Jan 28, 2010

i have to deal with reverse proxy issue and want to access few LAN devices having port 5900 and 9999, what exact steps i have to follow to allow this port in fedora firewall.

View 3 Replies View Related

Networking :: Ssh Listening To A Non-standard Port?

Oct 2, 2010

I am running Ubuntu 64-bit and I have been trying to set up an ssh connection between the Ubuntu server and a Windows 7 client (using putty) and when I enter the command:

Code:
sudo netstat --inet -lpn | grep sshd
I get the following:

[code]....

View 3 Replies View Related

Fedora Networking :: Tool To Create Multiple Listening Servers On TCP And UDP Ports

Jan 17, 2011

Looking for a test tool where I can fire up any number of ports (TCP and / or UDP) to listen on.

I am currently getting my using nc but its only 1 port at a time (i know I can open up multiple sessions but thats cumbersome), it can't do UDP, and it closes at the end of the session.

A friend has suggested socat but it looks pretty much the same except it can do UDP, but also cumbersome, I have to manually output to a different file per port, etc.

Basically its so I can quickly test firewall and NAT rules.

View 7 Replies View Related

General :: Open Firewall Port On Fedora 14?

Apr 17, 2011

I want to open the port 18680 on my remote Fedora 14 machine. I didsudo iptables -I INPUT -p tcp --dport 18680 -m state --state NEW,ESTABLISHED -j ACCEPTsudo iptables -I OUTPUT -p tcp --sport 18680 -m state --state ESTABLISHED -j ACCEPTsudo service iptables saveThe status returned is OK.I have also opened the port on my security group on Amazon. Also, I rebooted the machine.When I use the browser to view the application running at port 18680 the browser cannot connect.

View 1 Replies View Related

General :: Close Listening Port In Ubuntu 10.04?

Jul 7, 2010

I know that ports are, by default, not filtered; they simply don't respond to requests if there are no services listening on the port. Well, running netstat -tulpn gives:

Code:
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
[code]....

View 3 Replies View Related

Server :: Apache Is Not Listening On Port 8080?

Dec 2, 2010

My Apache is not listening on port 8080. Hence i cant access my server manager [URL]

View 2 Replies View Related

Server :: If Forward A Port In Iptables, Does The Port Have To Be Open On The Firewall

Aug 5, 2009

If I forward port 80 to port 3128 for squid with an iptable rule, does port 3128 have to be open on the firewall or is this all routed behind the firewall?

View 4 Replies View Related

General :: Http - Find Out Which Process Is Listening On A Port?

Mar 16, 2011

How can I find out which process is listening on a port on linux?

View 5 Replies View Related

General :: Determine What Program Is Listening To Some Port , TCP , UDP In System?

Jan 21, 2010

Is there a way to determine what program is listening to some port, TCP or UDP, in Linux?

View 4 Replies View Related

Security :: IPtables And FTP When Server Listening On Non-Standard Port?

Nov 9, 2009

I'm using iptables with modules ip_contrack_ftp to be able to use passive ftp. It works well as long as port 21 is being used as listening port. Is there any way to make it work when I configure my ftp server (vsftpd) to listen on an alternative port, lets say 21001 or something? The helper module only seems to be working properly with the standard port, so I was wondering whether there was a way to "tell it" that another port is being used? I mean, of course I make a rule in fw to allow traffic to the alternative port.

But once it's time to start passive connection, then the iptable module cannot handle it properly. I could solve the problem by making a range of passive ports in the ftp-server configuration and allow the incoming traffic to them, but then using helper modules doesn't make any sense. I just want to allow the traffic to the listening port and then want the ip_contrack_ftp module to take care of the rest. This is what I do today - but only port 21 seems to be working. Is there a way to do this with a non-standard ftp port?

View 5 Replies View Related

Security :: Unable To Make 27000 Port On Listening Mode?

Nov 1, 2010

i tried my best andwrite all the commands given below. but port 27000 is not in listening state.Note: I spoofed MAC address (change MAC address)on this MAchine.here is my iptables file.

# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter

[code]....

View 2 Replies View Related

Programming :: Bind The Listening Socket To A Paricular Ip Address And Port?

Jun 26, 2011

I am learning network prgramming in linux in c,and try to build a server and in this server I want to bind the listening socket to a paricular Ip address and port.Bind function is showing error,I did not want to use wild card. Here is the code.

#include<stdio.h>
#include<sys/socket.h>
#include<strings.h>
#include<netinet/in.h>
#include<arpa/inet.h>
#include<string.h>

[Code]...

View 2 Replies View Related

Server :: Error "no Listening Sockets Available, Shutting Down Unable To Open Logs [FAILED]" When Restart The Service Httpd

Apr 2, 2011

[root@itsupport ~]# service httpd restart Stopping httpd: [FAILED] Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:80 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80

no listening sockets available, shutting down Unable to open logs [FAILED] Iam facing the above error when i restart the service httpd

View 9 Replies View Related

Networking :: Using A Perl Script To Test For A Socket Listening On A UDP Port On A Remote Host?

Mar 10, 2011

is it possible using a perl script to test for a socket listening on a UDP port on a remote host ?I work in an environment where netcat is not allowed and from time to time I need to see if a UDP port is open on a remote host.

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved