I began getting many alerts from snort on incoming traffic from the dynamic range of my ISP (insightbb). Connecting back to the source IPs on port 80 showed the google search page. A quick nmap -A showed it to be a linux box, running Google httpd 2.0 (GFE) on port 80 and 443. After some [...]
Tag Archives: snort
Monitoring with Cacti
Posted by david on October 9, 2010
0 comments
Remote Monitoring I added “agentaddress tcp:161″ to snmpd.conf which cases snmpd to listen on tcp port 161. Then it was easy to tunnel the tcp communication with ssh and eliminated the need for the buggy socat method. SSH tunnel ssh -f -N -L 6003:localhost:161 user@digitaldogma.org Then I setup the host using tcp:127.0.0.1 and port 6003 [...]