Re: [SLE] Using scanlogd
![](https://seccdn.libravatar.org/avatar/49f4da837b7edeea1f4c58800ded2ddb.jpg?s=120&d=mm&r=g)
* Praise
Are you sure it got started? Look for scanlogd in /etc/rc.config, and doublecheck. To start it manually do: rcscanlogd start, and try portscanning yourself again.
It got started, and it has PID 483.
I will let you know if I find out something I am doing wrong.
And nothing appears in /var/log/messages and/or /var/log/warn?
In the man pages, it says I got to add the following lines to syslog.conf : daemon.alert /var/log/alert
I did that, and /var/log/alert is empty!
What if you use the default SuSE package with no changes whatsoever? -- Mads Martin Joergensen, http://mmj.dk "Why make things difficult, when it is possible to make them cryptic and totally illogic, with just a little bit more effort." -- A. P. J.
![](https://seccdn.libravatar.org/avatar/b441f5ea159fb7dc9cca7691ff0a5c02.jpg?s=120&d=mm&r=g)
Suse 7.1 kernel 2.4.4 Am reading this thread with interest as I am not sure if my out of the box Scanlogd is working. I get the following at boot. Brian Marr Oct 9 06:15:30 gringo kernel: scanlogd uses obsolete (PF_INET,SOCK_PACKET) On Tuesday 09 October 2001 01:15, you wrote:
* Praise
[Oct 08. 2001 17:44]: Are you sure it got started? Look for scanlogd in /etc/rc.config, and doublecheck. To start it manually do: rcscanlogd start, and try portscanning yourself again.
It got started, and it has PID 483.
I will let you know if I find out something I am doing wrong.
And nothing appears in /var/log/messages and/or /var/log/warn?
In the man pages, it says I got to add the following lines to syslog.conf : daemon.alert /var/log/alert
I did that, and /var/log/alert is empty!
What if you use the default SuSE package with no changes whatsoever?
![](https://seccdn.libravatar.org/avatar/49f4da837b7edeea1f4c58800ded2ddb.jpg?s=120&d=mm&r=g)
* Brian Marr
Suse 7.1 kernel 2.4.4 Am reading this thread with interest as I am not sure if my out of the box Scanlogd is working. I get the following at boot.
Brian Marr
Oct 9 06:15:30 gringo kernel: scanlogd uses obsolete (PF_INET,SOCK_PACKET)
That does not mean it does not work--it's just a kernel compatibiltiylayer, but when beeing used it of course complains about it. -- Mads Martin Joergensen, http://mmj.dk "Why make things difficult, when it is possible to make them cryptic and totally illogic, with just a little bit more effort." -- A. P. J.
participants (2)
-
Brian Marr
-
Mads Martin Joergensen