-Installing iplog-

Starting iplog
# /usr/local/sbin/iplog

I went looking for /var/log/iplog (lol)
By default the log output goes to /var/log/messages (;一_一)
 ↓ It looks like this (*^^)v

[root@localhost log]# cat messages | tail -50 | less
Aug 3 19:26:22 sub iplog[***]: UDP: ***************(153 data bytes)
Aug 3 19:26:22 sub iplog[***]: UDP: ***************(138 data bytes)
Aug 3 19:27:09 sub iplog[***]: TCP: pop3 connection *******

If you want the output to go to /var/log/iplog, it seems you have to create /etc/iplog.conf yourself ^^;

------------------------------------------------------------

(Example)
# Run as an unprivileged account with the login "iplog"
user iplog
# Run with group "nogroup"
group nogroup
# User "iplog" has write permission for the directory "/var/run/iplog"
pid-file /var/run/iplog/iplog.pid
# Log to /var/log/iplog
logfile /var/log/iplog

-----------------------------------------------------------
Once you set the output to /var/log/iplog in iplog.conf...
 ↓ It looks like this (*^_^*)

[root@server2 log]# cat iplog | tail -50 | less
Aug 3 20:17:29 UDP: dgram to port ***from sub.yumidon.com **** (121 data bytes)
Aug 3 20:28:38 TCP: ssh connection attempt from pc3.yumidon.com (192.168.*.*):***

I tried a stealth scan from the local server (server2).
And sure enough, iplog really does detect it (*^^)v Amazing!!

Aug 3 21:15:59 sub iplog[16414]: TCP: whoami connection attempt from server2.yumidon.com:61486
Aug 3 21:15:59 sub iplog[16414]: TCP: port 847 connection attempt from server2.yumidon.com:61486
Aug 3 21:15:59 sub iplog[16414]: TCP: port 448 connection attempt from server2.yumidon.com:61486
Aug 3 21:15:59 sub iplog[16414]: TCP: port 1458 connection attempt from server2.yumidon.com:61486
Aug 3 21:15:59 sub iplog[16414]: TCP: rndc connection attempt from server2.yumidon.com:61486
Aug 3 21:15:59 sub iplog[16414]: TCP: port 1507 connection attempt from server2.yumidon.com:61486
Aug 3 21:15:59 sub iplog[16414]: TCP: SYN scan detected [ports 32777,786,27665,565,847,448,1458,953,1507,357,...] from server2.yumidon.com [port 61486]
Aug 3 21:16:50 sub iplog[16414]: TCP: SYN scan mode expired for server2.yumidon.com - received a
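Reading the raw log by hand gets old fast, so here is a small Python script, added as an example (it is not from the post or from iplog itself), that parses both line formats shown above: the syslog-style lines in /var/log/messages (with the "host iplog[pid]:" prefix) and the plain lines iplog writes to /var/log/iplog. It counts TCP connection attempts and UDP datagrams per source host, pulls out the "SYN scan detected" alerts with their port lists, and lists the sources worth a closer look. The sample lines, hostnames and ports are constructed to mirror the page's format and are not real captures.

```python
"""Summarize iplog output: attempts per source plus iplog's own scan alerts.

Example code, not part of iplog. The regexes follow the line formats shown
on the page; the sample lines below are constructed for this example.
"""
import re
import sys
from collections import Counter

# Lines in /var/log/messages carry "host iplog[pid]: "; lines in /var/log/iplog do not.
SYSLOG_PREFIX = r"(?:\S+ iplog\[\d+\]: )?"
# syslog timestamps pad the day with a space ("Aug  3"), so allow one or more spaces.
TIMESTAMP = r"(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d) "
# Source is "host", "host:port" or "host (ip):port" depending on the line.
SOURCE = r"(?P<src>[^\s:(]+)(?: \((?P<ip>[^)]*)\))?(?::(?P<sport>\S+))?"

# "TCP: ssh connection attempt from host (ip):port" / "TCP: port 847 connection attempt from host:port"
CONNECT_RE = re.compile(
    TIMESTAMP + SYSLOG_PREFIX
    + r"TCP: (?:port )?(?P<dport>\S+) connection attempt from " + SOURCE + r"$"
)
# "UDP: dgram to port 137 from host (ip):port (121 data bytes)"
UDP_RE = re.compile(
    TIMESTAMP + SYSLOG_PREFIX
    + r"UDP: dgram to port (?P<dport>\S+) from " + SOURCE + r" \((?P<bytes>\d+) data bytes\)$"
)
# "TCP: SYN scan detected [ports 1,2,3,...] from host [port 61486]"
SCAN_RE = re.compile(
    TIMESTAMP + SYSLOG_PREFIX
    + r"TCP: (?P<kind>\w+ scan) detected \[ports (?P<ports>[^\]]*)\] from "
    + r"(?P<src>\S+) \[port (?P<sport>\d+)\]$"
)


def parse_line(line):
    """Return a dict describing the event, or None for lines we do not model."""
    m = SCAN_RE.match(line)
    if m:
        # iplog truncates long port lists with "..."; drop that marker.
        ports = [p for p in m.group("ports").split(",") if p and p != "..."]
        return {"event": "scan", "kind": m.group("kind"), "src": m.group("src"),
                "sport": int(m.group("sport")), "ports": ports}
    for proto, rx in (("TCP", CONNECT_RE), ("UDP", UDP_RE)):
        m = rx.match(line)
        if m:
            return {"event": "connect", "proto": proto, "dport": m.group("dport"),
                    "src": m.group("src"), "ip": m.group("ip"), "sport": m.group("sport")}
    return None


def summarize(lines):
    """Count attempts per source host and collect iplog's scan alerts."""
    attempts = Counter()
    scans = []
    ignored = 0
    for line in lines:
        ev = parse_line(line.rstrip("\n"))
        if ev is None:
            ignored += 1          # e.g. "SYN scan mode expired" or unrelated syslog lines
        elif ev["event"] == "connect":
            attempts[ev["src"]] += 1
        else:
            scans.append(ev)
    return {"attempts": attempts, "scans": scans, "ignored": ignored}


def suspicious_sources(summary, threshold=3):
    """Sources iplog flagged as scanning, or that made at least `threshold` attempts."""
    flagged = {s["src"] for s in summary["scans"]}
    flagged |= {src for src, n in summary["attempts"].items() if n >= threshold}
    return sorted(flagged)


# Constructed sample input modelled on the page's lines (hosts and ports are made up).
SAMPLE_LINES = [
    "Aug  3 20:28:38 TCP: ssh connection attempt from pc3.example.com (192.168.0.3):40012",
    "Aug  3 21:15:59 sub iplog[16414]: TCP: whoami connection attempt from scanner.example.com:61486",
    "Aug  3 21:15:59 sub iplog[16414]: TCP: port 847 connection attempt from scanner.example.com:61486",
    "Aug  3 21:15:59 sub iplog[16414]: TCP: port 448 connection attempt from scanner.example.com:61486",
    "Aug  3 21:15:59 sub iplog[16414]: TCP: SYN scan detected [ports 32777,786,27665,565,847,448,...] from scanner.example.com [port 61486]",
    "Aug  3 21:15:59 sub iplog[16414]: UDP: dgram to port 137 from pc3.example.com (192.168.0.3):137 (121 data bytes)",
    "Aug  3 21:16:50 sub iplog[16414]: TCP: SYN scan mode expired for scanner.example.com - received a",
]

if __name__ == "__main__":
    # Usage: python3 iplog_summary.py < /var/log/iplog  (falls back to the sample lines)
    source = sys.stdin if not sys.stdin.isatty() else SAMPLE_LINES
    result = summarize(source)
    for src, n in result["attempts"].most_common():
        print(f"{n:5d} attempts from {src}")
    for s in result["scans"]:
        print(f"{s['kind']} from {s['src']} (source port {s['sport']}): {len(s['ports'])} ports listed")
    print("suspicious:", ", ".join(suspicious_sources(result)) or "none")
```

Pipe the real file in (`python3 iplog_summary.py < /var/log/iplog`); without stdin it runs over the constructed sample. The per-source count is deliberately separate from iplog's own "SYN scan detected" alert: a slow scan can stay under iplog's detection window, so a steady trickle of attempts from one host is worth noticing even when no alert line appears.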