Manualshelf

Internet Express for Tru64 UNIX Version 6.10 Administration Guide (5900-1418, March 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Internet Express Software
181182183184185186187188189190
Figure 62 View Log File Page
To specify the types of events to be recorded in the FireScreen log file, access the Configure
FireScreen menu and choose Set Options. See Section : Setting Command-Line Options for more
information.
Viewing FireScreen Statistics
FireScreen invokes the /usr/sbin/screenstat command to display statistics for IP packet
handling.
To view FireScreen statistics, choose View Statistics from the View FireScreen Status menu.
The statistics are displayed (Figure 63).
Figure 63 View Statistics Page
Snort Intrusion Detection System
Snort is an intrusion detection system which enables you to log packets, and track network activity
on IP networks. Snort files are installed in the following directories:
SubsetContentsDirectory
IAESNORTSnort executable Snort configuration file/usr/internet/security
IAESNORTSnort documentation/usr/internet/docs/snort
On Tru64 UNIX, Snort runs in two different modes: sniffer, packet logger, and network intrusion
detection. Network intrusion detection currently does not work on Tru64 UNIX. In sniffer mode,
Snort will continually read packets from the network and display them on the console. In packet
logger mode, it will write the packets to a log file on disk.
Sniffer Mode — display TCP/IP packet headers
./snort -v (show IP and TCP/UDP/ICMP headers)
./snort -vd (include packet data)
184 Network Security Administration