ourmon…
compiles on both FBSD and Linux/ubuntu: Oct 2006

WHAT IT DOES

Records IRC JOIN and PRIVMSG commands in a daily log file which is swapped at midnight. ircfr.sh will kill and restart ircfr, and back up the previous day's log. ircfr can be used in conjunction with the ourmon IRC module to investigate suspicious IRC channels. Make sure the snap length (-s) is 256 bytes or bigger.

HOWTO INSTALL

0. Install ourmon ... or at least make sure you have the pcap libs.
1. To compile:
   BSD: make -f Makefile.bsd
   Linux: make -f Makefile.linux
2. Modify ircfr.sh as needed.
1.2. Run ircfr -i INTERFACE -f /outputfilename (ircfr.sh does this). Make sure the interface is correct!
3. Put in crontab, run at midnight. Does 3 days' worth of logging. E.g.,
   0 0 * * * root /home/mrourmon/bin/ircfr.sh
   Make sure ircfr.sh is executable!
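
The kill, back up and restart cycle described above, as an added sketch; this is not the ircfr.sh shipped with ourmon. It assumes ircfr stays in the foreground when started, and the variable names, the pidfile and the "run" argument are hypothetical.

```shell
#!/bin/sh
# Added sketch of a midnight wrapper; NOT the ircfr.sh shipped with ourmon.
# Assumptions: ircfr stays in the foreground, and the variable names,
# pidfile and "run" argument below are hypothetical.
IRCFR_BIN=${IRCFR_BIN:-/home/mrourmon/bin/ircfr}
IRCFR_IF=${IRCFR_IF:-INTERFACE}          # placeholder: set the real interface
IRCFR_LOG=${IRCFR_LOG:-/outputfilename}  # placeholder path from the README
IRCFR_PID=${IRCFR_PID:-$IRCFR_LOG.pid}
KEEP=3                                   # days of logs, counting today's

# Shift log -> log.1 -> log.2 ..., dropping the copy that would exceed KEEP.
rotate_logs() {
    log=$1; keep=$2
    i=$((keep - 1))
    rm -f "$log.$i"
    while [ "$i" -gt 1 ]; do
        prev=$((i - 1))
        if [ -f "$log.$prev" ]; then mv "$log.$prev" "$log.$i"; fi
        i=$prev
    done
    if [ -f "$log" ]; then mv "$log" "$log.1"; fi
}

# Stop the previous capture. The script runs as root from cron, so check
# that the recorded PID is still an ircfr process before signalling it.
stop_ircfr() {
    pidfile=$1
    [ -f "$pidfile" ] || return 0
    pid=$(cat "$pidfile")
    if ps -p "$pid" -o comm= 2>/dev/null | grep -q ircfr; then
        kill "$pid"
    fi
    rm -f "$pidfile"
}

start_ircfr() {
    "$IRCFR_BIN" -i "$IRCFR_IF" -f "$IRCFR_LOG" &
    echo $! > "$IRCFR_PID"
}

# Cron would call this script with the single argument "run".
case "${1:-}" in
    run) stop_ircfr "$IRCFR_PID"    # release the log file first
         rotate_logs "$IRCFR_LOG" "$KEEP"
         start_ircfr ;;
esac
```

Stopping the capture before rotating matters because the running process still holds the old log file open.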