6.0, allow remote logging?
Bill Schoolcraft
bill at wiliweld.com
Sat Feb 4 23:33:01 PST 2006
At Sat, 4 Feb 2006 it looks like Matthew Seaman composed:
> Bill Schoolcraft wrote:
> > But when I go to check an see if the external port 514/udp is open I
> > get nothing showing:
> >
> > #############################################################
> >
> > [root at logserv ~]-> nmap localhost
> >
> > (The 1660 ports scanned but not shown below are in state: closed)
> > PORT STATE SERVICE
> > 22/tcp open ssh
> > 25/tcp open smtp
> > 80/tcp open http
> >
> > #############################################################
>
> Umm... by default nmap only scans /TCP/ ports. syslog is a /UDP/ service.
>
> Try sockstat(1) to see what network ports processes are listening on, and
> use nmap like so to scan for UDP listeners:
>
> # nmap -sU -p U:1-8080 hostname
>
> Note that UDP scans intrinsically tend to take a lot longer than TCP scans --
> the nmap(1) man page explains why -- so don't try scanning too many ports at
> once, or you'll be waiting years for a result.
>
Thanks Matthew for the above example. I tried it and nothing came
up as open. And my 'ps -auxw' output shows syslogd running with the
"-s <ipaddr>" too. I wonder how to trigger that port to receive
packets. Apparently syslogd believes all is well. :(
TIA
--
Bill Schoolcraft | Life's journey is not to arrive at the
PO Box 210076 | grave safely in a well preserved body,
San Francisco,CA 94121 | but rather to skid in sideways, totally
http://wiliweld.com | spent, yelling "holy shit, what a ride!"
More information about the freebsd-questions
mailing list