Re: How to monitoring activity on a card?
--1Wg5Vd7si6EhrIHA
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Mar 03, 2004 at 09:51:15AM +0000, Francisco Reyes wrote:
> My setup 4.9 stable with IPFW. Machine acts as gateway for two machines.
>=20
> What are my options on monitoring activity on my external card?
>=20
> This morning I noticed my DSL modem activity light is blinking non-stop.
> Looking at /var/log/ don't see anything suspicious.
>=20
> I feel tempted to add "log" to all my ipfw pass rules, but wonder if there
> isn't a better way.
>=20
> I am mostly concerned there is either some kind of attack going on or
> somehow the machine was hacked and it's running something it's not
> supposed to.
There are a lot of utilities in the ports collection that will allow you
to monitor your network activity. One small and useful one is at
net/trafshow. It's not fancy, but it is curses based and will give you
a quick idea of what is going on. Other considerations might be ntop or
ethereal.
Nathan
--=20
gpg --keyserver pgp.mit.edu --recv-keys D8527E49
--1Wg5Vd7si6EhrIHA
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQFARfl+O0ZIEthSfkkRAkhAAJ41P443kVhBrq/TtndJSc1c2b/h5ACfcLh4
SnzrTYeHOUNcWGdP/SgLV6o=
=oEe8
-----END PGP SIGNATURE-----
--1Wg5Vd7si6EhrIHA--
討論串 (同標題文章)
完整討論串 (本文為第 5 之 6 篇):