LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Combining psad with fwsnort and sshauth.pl (https://www.linuxquestions.org/questions/linux-software-2/combining-psad-with-fwsnort-and-sshauth-pl-607408/)

kaplan71 12-17-2007 01:52 PM
Combining psad with fwsnort and sshauth.pl
 
Hi there –

I have psad 2.1 running in auto_ids mode, and I have it configured, via the auto_dl file with a whitelist of known good servers. The next step I had in mind was utilizing fwsnort and sshauth.pl with psad.

I downloaded version 1.0.3 of fwsnort, and ran the fwsnort binary to create the fwsnort.pl file. The newly created .pl file has the appropriate whitelisted servers within it. Similarly, I downloaded the sshauth.pl file from the cipherdyne website.

My question is the following: If I want to use fwsnort and sshauth .pl files, do I have them run in daemon mode? If not in that manner, what is the correct way to have them interoperate with psad? Thanks.


All times are GMT -5. The time now is 04:52 PM.