Find the answer to your Linux question:
Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Cool monitoring outgoing ssh connection

    How monitoring outgoing ssh connection in all network and create daily report for that connection (like source ip and destination ip and time). Anybody suggest which firewall or utility i can use network .

    1) 50 user network.
    2) linux and windows both machine usered in network
    3) User connect out side of network useing putty and ssh
    4) cyberoam UTM is also in network but unable to create report

    Last edited by sbhopale; 04-04-2013 at 03:19 PM.

  2. #2
    Just Joined!
    Join Date
    Sep 2008
    netflow analyzer may be able to create reports. NTOP also will, but reports are not very nice.

  3. #3
    both are not enough

  4. $spacer_open
  5. #4
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    The Keystone State
    The real question is what are you trying to accomplish here? Are you looking for everything leaving or incoming or both?

    If you are just looking for Source/Destination/Time then you could add a rule to iptables to log all new connections something like this:

    iptables -I FORWARD -s dport 22 -m conntrack --ctstate NEW -j LOG --log-prefix "SSH New: "
    iptables -I FORWARD -d dport 22 -m conntrack --ctstate NEW -j LOG --log-prefix "SSH New: "
    These rule will catch connections both way and log them
    Then you could process your message file to create your report.


    The adventure of a life time.

    Linux User #296285
    Get Counted

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts