Search found 8 matches

by Buccleuch
29 Jan 2009, 16:35
Forum: Report Bugs (csf)
Topic: Auto update removes csf.tempint?
Replies: 2
Views: 5746

chirpy, Thanks for that. I got the auto update again this morning.
Subject: lfd on toshiro: System Integrity checking detected a +modified system file
Time: Thu Jan 29 09:40:08 2009 -0600
The following list of files have FAILED the md5sum comparision test. This means +that the file has been changed ...

by Buccleuch
29 Jan 2009, 16:25
Forum: Suggestions (csf)
Topic: alert mail
Replies: 5
Views: 7888

The email address is within the alert files.

by Buccleuch
21 Jan 2009, 15:52
Forum: Report Bugs (csf)
Topic: Auto update removes csf.tempint?
Replies: 2
Views: 5746

Auto update removes csf.tempint?

chirpy, My system auto-updated from 4.36 to 4.38 this morning, and in the process sent me the integrityalert email as follows:
Time: Wed Jan 21 09:40:07 2009 -0600
The following list of files have FAILED the md5sum comparision test. This means +that the file has been changed in some way. This could ...

by Buccleuch
21 Jan 2009, 15:47
Forum: General Discussion (csf)
Topic: Strange blocks, "Port Scan" on INVALID state packets from legitimate users
Replies: 6
Views: 11045

Brilliant. Figured that out shortly after my reply, sorry I neglected to update the post to mention that. Thanks for taking the time to explain. :)

by Buccleuch
19 Jan 2009, 16:51
Forum: General Discussion (csf)
Topic: Strange blocks, "Port Scan" on INVALID state packets from legitimate users
Replies: 6
Views: 11045

chirpy, I guess I didn't catch the "repeated attempts to one port" as part of the port scanning. I certainly don't want to disable PF, and I've read elsewhere about disabling DROP_PF_LOGGING, but does that end up stopping the port scanning feature? Is there some way I can (without violatin...

by Buccleuch
16 Jan 2009, 19:34
Forum: General Discussion (csf)
Topic: Strange blocks, "Port Scan" on INVALID state packets from legitimate users
Replies: 6
Views: 11045

Here's what the email notices are looking like. Note, I only changed my IPs in this list because I have to believe A) the IRS has good security controls on their ingress traffic, and B) the IRS has good security controls on their egress traffic and workstation security. This guy is a confirmed legit...

by Buccleuch
16 Jan 2009, 19:33
Forum: General Discussion (csf)
Topic: Strange blocks, "Port Scan" on INVALID state packets from legitimate users
Replies: 6
Views: 11045

Strange blocks, "Port Scan" on INVALID state packets from legitimate users

Guys, I have a peculiar issue that's popped up since installing and configuring csf/lfd. I do believe I've followed the instructions and config file directives properly, but maybe I've overlooked something obvious to you. :cool: A little background. CentOS 5.2-64. Opteron 1216. Physical host (not VP...

by Buccleuch
15 Jan 2009, 20:51
Forum: Report Bugs (csf)
Topic: csf bogon bug
Replies: 3
Views: 6709

Sorry, but it's not a bug per se... From the config file:

# Do NOT use this option if your server uses IP's on the bogon list (e.g. this
# is often the case with servers behind a NAT firewall using ip routing)

The only way bogons work along with using something like a 10.0.0.0/8 private network is i...