> > To get more specific about what's going on. My network services have > informed me that the machine is probing other systems at a high rate. An > infection of some sort. And I'm trying to track down what's going on. > The LOG target lets you display the user id of the process I believe, but not the PID. There might be some iptables extensions out there that would do what you're looking for. Don't know them off the top of my head however. Alternately, perhaps you could use SELinux for this? I know its audit logs would give you the level of detail you're looking for, but getting the policy written for it might be challenging. Ray _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: log outbound port 80 connections
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: Re: log outbound port 80 connections
- From: Ray Van Dolson <rvandolson@xxxxxxxx>
- Date: Tue, 5 Feb 2008 09:27:48 -0800
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <845413EC-19A7-491A-AE86-0829F5C62DAB@xxxxxx>
- References: <738EEAE1-79C0-4844-88C9-0FB7D7C1B02A@xxxxxx> <47A899B1.2030605@xxxxxxxxxxxx> <845413EC-19A7-491A-AE86-0829F5C62DAB@xxxxxx>
- User-agent: Mutt/1.5.17 (2007-11-01)
- References:
- log outbound port 80 connections
- From: Tony Schreiner
- Re: log outbound port 80 connections
- From: John R Pierce
- Re: log outbound port 80 connections
- From: Tony Schreiner
- log outbound port 80 connections
- Prev by Date: Re: Creating a Roaming imap account
- Next by Date: Re: log outbound port 80 connections
- Previous by thread: Re: log outbound port 80 connections
- Next by thread: Re: log outbound port 80 connections
- Index(es):
 |