LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-11-2011, 04:45 AM   #1
qrange
Member
 
Registered: Jul 2006
Location: Belgrade, Yugoslavia
Distribution: Debian
Posts: 724

Rep: Reputation: 29
proftp log MAC address?


how do you configure proftp to log MAC address on LAN, not just IP?
 
Old 03-11-2011, 05:06 AM   #2
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996
By looking at http://www.proftpd.org/docs/directiv...LogFormat.html and the man page, it seems that you can't log by MAC address.

Josh
 
Old 03-11-2011, 05:14 AM   #3
qrange
Member
 
Registered: Jul 2006
Location: Belgrade, Yugoslavia
Distribution: Debian
Posts: 724

Original Poster
Rep: Reputation: 29
oh

there must be some other way. iptables?
 
Old 03-11-2011, 05:29 AM   #4
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996
You could do it with iptables and snort, if you are willing to go that far
That's what I do on my laptop. With my network setup, I have my laptop for capturing the logs, and with iptables I drop all connections not originating from my source IP. I use snort as the logging front end.
 
Old 03-11-2011, 07:46 AM   #5
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
I am not entirely sure what you are after as far as your logging, but logging mac addresses will be limited at best. MAC addresses do not route, at least completely, and your scope will be limited to seeing the MAC of your interface and the next hop in the chain. This can be used effectively to whitelist desired client connections to a local resource, but won't scale to a wide area implementation.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to make a log of each ip and mac address atomic.rabbit Linux - Networking 7 02-12-2009 02:40 AM
will tinyproxy or Dansguardian log mac address gfem Linux - Software 2 02-26-2007 06:55 PM
mac address log lyte Linux - Security 2 12-10-2004 09:14 PM
How would i log the source MAC address w/ iptables? phek Linux - Security 12 12-14-2001 12:18 PM


All times are GMT -5. The time now is 01:33 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration