On Friday 13 April 2001 22:45, Balázs Bárány wrote:
> You are right, we could make it an option. That would break some reports,
> however; Analog is very flexible but it simply has no concept of what it
> should do with an IP address if it is not the requesting host but the
> requested target, for example.
It works fine for me, though. No complaints from Analog, and it was the only thing I've changed. The output then shows a long list of IP's, with the port-numbers they tried to connect on. What I like about it is, that I can see how many tries one host has had on a specific port, which is (IMHO) better if you're attacked on the same port by multiple people - for example, five different machines connecting on telnet. Then you can see who does it the most.
Anyway, you're the author, you decide. I thought it'd be smarter that way, but I also appreciate your point of view. Under all circumstances, I love fwanalog, since the other few programs I've tried were either cumbersome to set-up, or not at all helpful!
Kenneth Vestergaard Schmidt
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 22:22:03 CEST