Powerful tool to monitor coarse/fine grained external network IP attacks?

Scot L. Harris webid at cfl.rr.com
Sat Mar 18 02:39:51 UTC 2006


On Fri, 2006-03-17 at 08:38 -0800, Dan Thurman wrote:
> I have been using a lot of tools from packet analyzers
> to firestarter and such but I have yet to find a powerful
> security tool with coarse/fine grained monitoring of say the
> top X IP activities of IP accesses to systems of interest.
> 
> I have used BlackIce and other ISS security tools before but
> I am interested in any free or open-sourced security tools that
> allow one to monitor these activities in real-time mode.
> 
> I was thinking along the lines of something like what is in
> firestarter, top, and system-monitor combined in a way that
> allows for maximum flexibility when monitoring IP accesses
> and possibly with the addition of event notification of say
> a DDOS attack or port attacks or any of that sort of thing.
> 
> Occasionally, I may suspect that I am under attack and would
> like to whip up the security monitor to start probing for
> potential attacks and to assuage my fears and to take any
> necessary actions to thwart any further attacks...
> 
> Anyone have any suggestions?

Sounds like you want to look at snort and some of the tools that have
been built upon snort.




