in reply to ? monitor unsuccessful connection attempts ?

you don't want to write your own software for this. instead, pick up PortSentry.

it is a package designed to do exactly this. it is not entirely Free Software, but it is free for use and redistribution (unmodified) by corporations (and everyone else).

for the exclusion by port part, you may want to look at the ipchains package which provides firewalling and masquerading capabilities (ipfwadm under 2.0).

  • Comment on Re: ? monitor unsuccessful connection attempts ?

Replies are listed 'Best First'.
RE: (2) ? monitor unsuccessful connection attempts ? (PortSentry)
by ybiC (Prior) on Jul 07, 2000 at 09:31 UTC
    Thanks a bunch, mdillon - PortSentry is even Debianized!

    Looks like logcheck may give me some trouble as a seriously unstable Debian package, but Potato is expected soon.

    Update: perusing the PortSentry info, looks like it runs a server of sorts that listens on every port you wish to monitor. mdillon was soooo right - I don't want to write it myself. grin
[reply]

In Section Seekers of Perl Wisdom