Sophie

Sophie

distrib > Mageia > 7 > i586 > media > core-release > by-pkgid > c4baf510416d3106a3648b941f6ef964 > files > 11

iplog-2.2.3-25.mga7.i586.rpm

iplog 2.2.3 by Ryan McCabe <odin@numb.org>
------------------------------------------

iplog is a TCP/IP traffic logger.  Currently, it is capable of logging 
TCP, UDP and ICMP traffic.  Adding support for other protocols
should be relatively easy.

iplog's capabilities include the ability to detect TCP port
scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks,
bogus TCP flags (used by scanners to detect the operating system in use), 
TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP
fragment attacks.

iplog is able to run in promiscuous mode and monitor traffic to all hosts
on a network.

iplog uses libpcap to read data from the network and can be ported
to any system that supports pthreads and on which libpcap will function.


NOTE
----

Some people have reported that iplog doesn't log anything for them. To those
people:

Can you try commenting out line 41 of iplog.c and seeing if that makes iplog
produce logs.  If it does, what percentage of CPU time does ps or top show
iplog consuming?  If deleting that line helps you at all, I'd be interested
in hearing about it.  Could you send me email with your operating system
and OS version and details about what happened when you removed that line.


TESTED PLATFORMS
----------------
* FreeBSD (3.x, 4.0)
* OpenBSD (2.6 and up)
* BSDI (4.0, 4.01)
* Solaris (2.5.1, 7, 8)
* IRIX 6.5


GETTING IPLOG
-------------

The primary distribution site for iplog is http://ojnk.sourceforge.net

Mirrors:

USA:    ftp://ojnk.sourceforge.net/pub/ojnk/iplog
USA:    http://www.numb.org/~odin


OTHER
-----

Please note that iplog will not build with BSD make.  GNU make must be
used.  It is available from any GNU mirror.  Please do not send me email
about iplog not building on BSD if you're not using GNU make.

libpcap can be retrieved from http://www.tcpdump.org

If you compile libpcap yourself, remember to put
"mkdir /usr/local/include/net ; make install-incl"  "make install" alone will
not install the pcap header files.

The linuxthreads library (for Linux libc5) can be found at 
ftp://ftp.inria.fr/INRIA/Projects/cristal/Xavier.Leroy/linuxthreads.tar.gz

GNU make can be found at ftp.gnu.org:/pub/gnu/make

Any contributions (testing, comments, bug reports, ports, enhancements,
etc) are greatly appreciated.











$Id: README,v 1.20 2001/01/01 19:42:54 odin Exp $

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional