[techtalk] getting ports scanned...
-sjh-
ruthia at sarth.com
Mon Oct 9 13:17:41 EST 2000
Check out the security stuff at www.psionic.com -- great stuff, and they're
locals :P
----- Original Message -----
From: "K. Ziel" <zoop at scc.net>
To: <techtalk at linuxchix.org>
Sent: Sunday, October 08, 2000 7:59 AM
Subject: [techtalk] getting ports scanned...
> Hi--
>
> Now that I'm freshly over my DNS angst, I am logging everything that I
deny in
> my firewall so that I know what's going on...
>
> So, i've been scanned a lot the last few days, and while I htink that I
built a
> pretty good firewall, I am want to know if someone has managed to
infiltrate.
>
> What should I look for in my process list to tell me if i've got friends
in my
> home box?
>
> I thot that perhaps I should log EVERYTHING, that way I know if someone
> got in on a port that i've allowed for say...web access. that of course,
leads
> to TOO much logging..
>
> then, i thot perhaps a cron, checking if my /var/log/messages has been
updated,
> and not quite sure how to do that....getting only the latest update to
messages.
>
> arg.
>
> Kristin
>
> _______________________________________________
> techtalk mailing list
> techtalk at linuxchix.org
> http://www.linux.org.uk/mailman/listinfo/techtalk
>
More information about the Techtalk
mailing list