[Labrea-users] log format question
From: Paul W. <pw...@nc...> - 2004-04-14 22:11:49
I am experimenting with LaBrea on a FreeBSD 4.9 box, using it to tarpit an empty /17. I haven't been able to make the Perl tarpit reporting tools operate in a reliable manner with the extreme amount of activity this box is handling (I am quite impressed with how well LaBrea works: 4Mb/s of traffic and climbing).

I am working on my own reporting tools and have come across a couple of questions about the logs. What does the * represent at the end of some entries? What is the significance of the 'Linux persist activity' log statement? Does the 'Capturing local ip' refer to LaBrea tarpitting a scan to that local IP address? What is the difference between 'Additional activity' and 'Persist Activity'?

Thank you,

-paul