I want to create a script that logs all incoming and outgoing connections to
a file. Please help.
Cross_AM wrote:
> I want to create a script that logs all incoming and outgoing connections
> to a file. Please help.
Cross: Why not take a look at installing the ‘arpwatch’ package? If you
need something more flexible and granular, take a look at ‘nagios’.
–
Menes Narmer
menesofmemphis [at] gmail [dot] com
“Unity and humility is the lesson all of history teaches.”
Menes Narmer wrote:
> Cross_AM wrote:
>
>> I want to create a script that logs all incoming and outgoing connections
>> to a file. Please help.
>
> Cross: Why not take a look at installing the ‘arpwatch’ package? If you
> need something more flexible and granular, take a look at ‘nagios’.
>
Will check that out. thank you.
Cross_AM wrote:
> Menes Narmer wrote:
>
>> Cross_AM wrote:
>>
>>> I want to create a script that logs all incoming and outgoing
>>> connections to a file. Please help.
>>
>> Cross: Why not take a look at installing the ‘arpwatch’ package? If you
>> need something more flexible and granular, take a look at ‘nagios’.
>>
> Will check that out. thank you.
I was thinking of a script so as to make it lightweight. All I need is the
the following info logged:
- amount of download
- source
- time
I will check both packages now.
Cross_AM wrote:
> I was thinking of a script so as to make it lightweight.
Cross: arpwatch will probably have what you need, then. If you need it to
be even more lightweight, you could probably just run a cronjob that
logs ‘netstat -nt’ and ‘netstat -c’ to a file. Take a look at the man
pages for netstat to see if something strikes your bell. ‘socklist’ might
even work for you.
HTH!
–
Menes Narmer
menesofmemphis [at] gmail [dot] com
“Unity and humility is the lesson all of history teaches.”
Menes Narmer wrote:
> Cross: arpwatch will probably have what you need, then. If you need it to
> be even more lightweight, you could probably just run a cronjob that
> logs ‘netstat -nt’ and ‘netstat -c’ to a file. Take a look at the man
> pages for netstat to see if something strikes your bell. ‘socklist’ might
> even work for you.
>
> HTH!
>
I think logging netstat -c to a file and then adding the Recv-Q values for
tcp and udp connection will do the job for me.