On Fri, Jun 4, 2010 at 12:32 AM, Jan Engelhardt <jengelh@xxxxxxxxxx> wrote: > > On Thursday 2010-06-03 20:15, ratheesh k wrote: >>2010/5/30 Tomáš Vlček <tomasvlcek@xxxxxxxxx>: >>> Maybe psad (Port Scan Attack Detector) is that what are you looking >>> for. Check http://cipherdyne.org/psad/index.html. >> >>I gone through the link . It seems to be heavy for my embedded application . > > Yes it looks complicated from a developer POV. I myself think > why would it have to put up with analyzing log messages > (which are known to be not overly precise) when direct delivery > with libnetfilter_queue/_log seems like a more ideal goal - > eliminating the extra trip through syslog and the fs. \ Thanks Jan . ulogd demon could be modified to do analysis of packet to find out what of kind of attack has taken place ? -Ratheesh -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
