LinuxQuestions.org
Old 07-30-2002, 05:11 PM   #1
rob_roman23
Member
 
Registered: May 2002
Location: Hoboken NJ
Distribution: Red Hat 7.1,7.3,8.0
Posts: 58

Rep: Reputation: 15
Logging methods


OK, I have my Linux Red Hat 7.1 box all set up (I love it BTW). Got IP MASQ and a pretty solid firewall using IPTABLES. I log everything to a file and then I have a cron job archive all this stuff. Here is my problem: I want to set up the firewall config to log it to a database. How do I do this? Eventually I will be using this BD and some SQL in a webpage so I can view stats and see who is messing around with my box... And after that, I want to start logging the amount of data that goes through the box. Then make pretty graphs etc...

What I really want is an internal webpage where I can view all these stats so I can actively manage my box... I figure that I do the same greps on my message log, so why not automate this into some SQL and make it pretty.....

Any suggestions?
 
Old 07-30-2002, 05:13 PM   #2
rob_roman23
Member
 
Registered: May 2002
Location: Hoboken NJ
Distribution: Red Hat 7.1,7.3,8.0
Posts: 58

Original Poster
Rep: Reputation: 15
DB not BD

f*in Dyslexia
 
Old 07-30-2002, 06:31 PM   #3
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199
Quote:
Originally posted by rob_roman23
DB not BD

f*in Dyslexia
You know, we do have the Edit option that allows you to edit your posts. Just for anyone else out there that didn't know either..
 
Old 07-30-2002, 07:01 PM   #4
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Rep: Reputation: 55
You'd probably want to get a packet sniffer - the best I can think of are snort and portsentry. OK, they are not only packet sniffers to be precise - they are full-blown network intrusion detection systems if used properly. Snort can be run as a daemon and it can send logs to a designated log directory, so you'll get all the IPs, including yours, that ever crossed your box (except if your system is compromised already (I hope that is not the case, so I am crossing my fingers) you can log spoofed IPs if a cracker is not an immature script kiddie). So then you can set up your database to pull info from logs and display it to you. To add more, snort incorporates built-in and your own rules for misbehavior detection, so you can customize it the way you want. http://www.snort.org/
 
Old 07-30-2002, 10:19 PM   #5
rob_roman23
Member
 
Registered: May 2002
Location: Hoboken NJ
Distribution: Red Hat 7.1,7.3,8.0
Posts: 58

Original Poster
Rep: Reputation: 15
So I guess there is no way that I can do it with IPTABLES, even if I code it to execute some sort of code on the trap? What if I used IPCHAINS? I don't know... I would prefer to do it all myself and not have another app do it for me..
 
Old 08-01-2002, 10:49 AM   #6
rob_roman23
Member
 
Registered: May 2002
Location: Hoboken NJ
Distribution: Red Hat 7.1,7.3,8.0
Posts: 58

Original Poster
Rep: Reputation: 15
Could anyone suggest how I would be able to parse my logs from a web page... i.e. I write some SQL to query that page or something of that fashion.. I have done this with ColdFusion on an NT box but haven't a clue as to how to do it with Apache.
 
Old 08-01-2002, 11:10 AM   #7
turnip
Member
 
Registered: Jul 2002
Posts: 143

Rep: Reputation: 15
You can use PHP and any flavor of SQL you like. If you're logging traffic to /var/log/messages you can just go there and use (e)grep to filter the file, and maybe get your data like that. Or head over to http://www.demarc.com They have an app that does what you want already.
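Added example, not posted by anyone in this thread: a Python sketch of the "filter /var/log/messages and put it in SQL" approach, parsing kernel iptables LOG lines into a table that a stats page can query. The sample lines are constructed, the "FW-DROP: " prefix is an assumed --log-prefix value, the fw_log table name is made up, and an in-memory SQLite database stands in for whichever SQL server is used.

```python
import re
import sqlite3

# Constructed sample lines in the kernel's iptables LOG format; the
# "FW-DROP: " prefix is an assumed --log-prefix value, not from the thread.
SAMPLE_LOG = """\
Jul 30 17:02:11 gw kernel: FW-DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40122 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 30 17:02:14 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40123 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 30 17:03:40 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 LEN=78 TOS=0x00 PREC=0x00 TTL=110 ID=991 PROTO=UDP SPT=1027 DPT=137 LEN=58
Jul 30 17:04:02 gw sshd[812]: Accepted password for rob from 192.0.2.50 port 1044
Jul 30 17:05:19 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=110 ID=992 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
"""

HEADER = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) kernel: (.*?)\s*IN=")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line):
    """Return one table row for an iptables LOG line, None for anything else."""
    m = HEADER.match(line)
    if not m:
        return None
    kv = {}
    for key, value in FIELD.findall(line[m.end(3):]):
        kv.setdefault(key, value)  # the first LEN=/ID= belongs to the IP header
    num = lambda k: int(kv[k]) if kv.get(k, "").isdigit() else None
    return (m.group(1), m.group(3), kv.get("IN"), kv.get("SRC"), kv.get("DST"),
            kv.get("PROTO"), num("SPT"), num("DPT"), num("LEN"))

def load(db, text):
    db.execute("CREATE TABLE IF NOT EXISTS fw_log (ts TEXT, prefix TEXT, "
               "iface TEXT, src TEXT, dst TEXT, proto TEXT, spt INTEGER, "
               "dpt INTEGER, len INTEGER)")
    rows = [r for r in map(parse_line, text.splitlines()) if r]
    # Placeholders, not string formatting: log text is never spliced into SQL.
    db.executemany("INSERT INTO fw_log VALUES (?,?,?,?,?,?,?,?,?)", rows)
    return len(rows)

def top_sources(db):
    """Packets and bytes logged per source address, busiest first."""
    return db.execute("SELECT src, COUNT(*), SUM(len) FROM fw_log "
                      "GROUP BY src ORDER BY COUNT(*) DESC, src").fetchall()

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print(load(db, SAMPLE_LOG), "rows loaded")
    for row in top_sources(db):
        print(row)
```

Run from cron against the archived log, the same load step fills a persistent table, and the SUM(len) column gives the per-source byte counts asked about in the first post.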
 
  


All times are GMT -5. The time now is 03:36 PM.
