Firewall & Security Question
Darryl Hoar
darryl at osborne-ind.com
Wed Apr 30 09:00:36 PDT 2003
Greetings,
my firewall is running 4.4-stable. I have ipfilter
configured and running. I have ipnat running.
All the PC's on my line access our DSL line
through the firewall.
I have tripwire configured and running on my firewall.
Due to some recent activity, I need to be able to
monitor who is doing what on the internet. IE,
maybe a DOS attack being launched through our
connection, etc. More than likely, I have a user
with Kazaa or some other service that is periodically
pumping out quite a bit of data.
What should I use to snoop this out? Should I
connect something between the firewall and the
ADSL router to log whats happening ?
Any ideas greatly appreciated. This periodic activity
brought our DSL throughput down to the point I was
receiving calls.
thanks,
Darryl
More information about the freebsd-questions
mailing list