TCLUG Archive

Re: [TCLUG:5793] security (some pre-coffee thoughts)...



I think that both sentry & logcheck (as well as some new tools..) are
from www.psionic.com

I use both, and like them quite a bit.  The documentation is pretty
good also...

Thanks!

Scott K. Johnson
skj@visi.com

-----Original Message-----
From: JellyD <jellyd@jellyd.org>
To: tclug-list@listserv.real-time.com <tclug-list@listserv.real-time.com>
Date: Tuesday, May 04, 1999 1:10 PM
Subject: RE: [TCLUG:5793] security (some pre-coffee thoughts)...


>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Sometime around the 4th of May in 1999, a certain Eric Hillman said:
>
>: Read up on /etc/hosts.deny -- you can set it up to trigger scripts which
>: can notify you of attack attempts, lock out intruders permanently via
>: ipfwadm, or any number of responses.  (If you'd like, I have a script here
>: written by Tom Cross which works quite nicely.)  Also, it might be a good
>: idea to browse your logfiles on a regular basis to look for any suspicious
>: goings-on.  (Even better would be to write a perl or shell script that does
>: the browsing for you.)  Not only will you have a better idea what's going on
>: with your machine on a daily basis, but if some script kiddie does make an
>: attempt on your box, you can have the satisfaction of tracking down the
>: miscreant and getting his mom's AOL account cancelled.
>
>There are packages that do both of these things; I run sentry
>to do the actual port monitoring, having it raise firewall
>rules when violations of rulesets are made, and logcheck, which
>(with more rulesets) scans your system logs and mails you with
>any potential bad things.
>
>I can't recall where I found sentry, but I got logcheck from
>sunsite.
>
>- --
>[----------------------------------------------------------------------]
>| Joshua Becker                    - aka -                      JellyD |
>| email: jellyd@jellyd.org                          IRC: EFnet, DALnet |
>[----------------------------------------------------------------------]
>
>-----BEGIN PGP SIGNATURE-----
>Version: GNUPG v0.4.3 (GNU/Linux)
>Comment: For info finger gcrypt@ftp.guug.de
>
>iD8DBQE3LzgEcmkpI69BOLwRAsbjAJ9ZM63YYZruOYhYSBFexiPGodIBYQCfSlE3
>sNkbkq4zuwUzUAakcNi6RGs=
>=ydkV
>-----END PGP SIGNATURE-----
>
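The thread suggests a script that browses the logs for you. The following is an added example, not code from either poster and not the Tom Cross script or logcheck: it summarises TCP Wrappers refusals (the hosts.deny hits) per source. It assumes the standard syslog field layout and tcpd's "refused connect from" message; the sample log lines are constructed and use documentation address ranges.

```shell
#!/bin/sh
# Added example: summarise TCP Wrappers refusals per source address.

# Constructed sample of syslog lines (documentation address ranges).
sample_log() {
cat <<'EOF'
May  4 12:58:01 box in.telnetd[411]: refused connect from 192.0.2.10
May  4 12:58:03 box in.ftpd[412]: refused connect from 192.0.2.10
May  4 12:58:04 box in.fingerd[413]: refused connect from 192.0.2.10
May  4 13:01:40 box in.telnetd[420]: connect from 198.51.100.7
May  4 13:05:12 box in.rshd[431]: refused connect from 203.0.113.5
May  4 13:06:00 box sshd[440]: log: Connection from 198.51.100.7 port 1022
EOF
}

# report_refused THRESHOLD  (reads a log on stdin)
# Prints "source count services" for every source refused at least
# THRESHOLD times, busiest source first. One source touching several
# services in a row is the usual sign of a port sweep.
report_refused() {
    awk -v min="${1:-1}" '
    / refused connect from / {
        src = $NF                          # last field: client host/address
        svc = $5; sub(/\[.*/, "", svc)     # "in.telnetd[411]:" -> "in.telnetd"
        count[src]++
        # Record each service once per source, comma-separated.
        if (index("," seen[src] ",", "," svc ",") == 0)
            seen[src] = (seen[src] == "" ? svc : seen[src] "," svc)
    }
    END {
        for (s in count)
            if (count[s] >= min)
                printf "%s %d %s\n", s, count[s], seen[s]
    }' | sort -k2,2nr -k1,1
}

# Stand-alone run: show sources refused three or more times.
sample_log | report_refused 3
```

Run from cron against the file your syslog.conf sends daemon/auth messages to, and pipe the output to mail if it is non-empty.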