DShield

Chris Wright linux-list at cwic-solutions.co.uk
Mon Jul 18 18:19:08 UTC 2005


> -----Original Message-----
> From: fedora-list-bounces at redhat.com 
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Scot L. Harris
> Sent: Monday, July 18, 2005 6:42 PM
> To: 'For users of Fedora Core releases'
> Subject: Re: DShield
> 
> On Mon, 2005-07-18 at 12:36, Chris Wright wrote:
> 
> > 
> > The first of these questions though is to ask if anyone has
> > installed a Dshield Client?
> > I've had a look round and found a few possibilities, but
> > nothing jumped out at me as the right one to use?
> > Wondered if anyone else used Dshield... (www.dshield.org)
> 
> Quick look at the web site you listed has as the first entry 
> in the list the client I would look at to read iptables logs.
> 
> Not sure this provides any additional protection to your system. 
> Appears to just generate a report that is sent back to the 
> dshield site.
> 

I did download the iptables tar but had troubles getting it to work (so I
thought I would ask on here as well as the DShield List). I didn't know if
it required a special build for FC4.  (I'm still reading the section on
compiling source rather than installing new packages).

I have my router transfer its syslogs to one of the boxes inside my network.
These log files are sent to Dshield for analysis only. It doesn't provide
any protection whatsoever; Dshield use a percentage sample of submitted data to
see what is happening on the net. (SANS (http://www.sans.org/) is also
involved somewhere along the line).

Regards

Chris



