Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
/var/log/{messages,firewall,warn}
  • From: "Jason P. Stanford" <rusticitas@xxxxxxxxx>
  • Date: Tue, 1 Aug 2000 11:35:27 -0700 (PDT)
  • Message-id: <20000801183527.26029.qmail@xxxxxxxxxxxxxxxxxxxxx>
On my SuSE 6.4 system, I am using the firewal and scanlogd packages. While
familiarizing myself with the system, I'd at one point removed those packages,
then re-installed them. Now the log files in /var/log don't seem quite what I
recall them being originally, but I could be mistaken.

I get identical loggings from firewall in /var/log/firewall and
/var/log/messages. This results in /var/log/messages getting VERY big,
especially due to web traffic to the machine (a lot of ALLOW's). Can I change a
config to prevent firewall from making duplicate entries to /var/log/messages?

Also, scanlogd does not seem to log any scannings except for those from
localhost (127.0.0.1). I've been playing with it, and running nmap on another
machine on my local subnet, but these scans (not in any "stealth" mode) never
get logged and scanlogd is most definitely running. I don't see any config
files for scanlogd, and I didn't see any references to one in the man page.

Any help is greatly apprecitated. Thanks!



__________________________________________________
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/

< Previous Next >
Follow Ups