How to monitoring activity on a card?

Nathan Kinkade nkinkade at ub.edu.bz
Wed Mar 3 07:30:47 PST 2004


On Wed, Mar 03, 2004 at 09:51:15AM +0000, Francisco Reyes wrote:
> My setup 4.9 stable with IPFW. Machine acts as gateway for two machines.
> 
> What are my options on monitoring activity on my external card?
> 
> This morning I noticed my DSL modem activity light is blinking non-stop.
> Looking at /var/log/ don't see anything suspicious.
> 
> I feel tempted to add "log" to all my ipfw pass rules, but wonder if there
> isn't a better way.
> 
> I am mostly concerned there is either some kind of attack going on or
> somehow the machine was hacked and it's running something it's not
> supposed to.

There are a lot of utilities in the ports collection that will allow you
to monitor your network activity.  One small and useful one is at
net/trafshow.  It's not fancy, but it is curses based and will give you
a quick idea of what is going on.  Other considerations might be ntop or
ethereal.

Nathan
-- 
gpg --keyserver pgp.mit.edu --recv-keys D8527E49
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20040303/fa7c3916/attachment.bin


More information about the freebsd-security mailing list