Custom probe settings
The follow probe supplies the web server with appropriate headers, satisfying the requirements of apache's mod_security, otherwise tons of log entries are generated complaining about missing host header, user agent header, and invalid options.
Name: http Type: TCP Port: 80 Send: HEAD / HTTP/1.0\r\nHost: networkmonitor.mydomain.com\r\nUser-Agent: The-Dude/2.2\r\nAccept: text/*\r\n\r\n Receive: ^HTTP/1\\.
The default SSH probe gives the following log entries in /var/log/secure:
Did not receive identification string from ::ffff:XXX.XXX.XXX.XXX
To clean this up, I changed the ssh probe to the following:
Name: ssh Type: TCP Port: 22 Conncet Only: unchecked First Receive, Then Send: Checked Send: <greyed out> Receive: ^SSH\\.* Send: SSH-2.0-TheDude-Ping\r\n Receive: Send: Receive:
Now the entry I get in the log file is:
Connection closed by ::ffff:XXX.XXX.XXX.XXX
The connection is now "properly" closed by The Dude.