Worried about having been hacked
James Allsopp
jamesaallsopp at googlemail.com
Mon Jul 6 17:01:47 UTC 2009
Hi,
I've a Fedora core 10 system which spends a lot of the time connected
directly to the internet, with a static ip. The only external ports open
are 80 and 22. SSH only allows access to one non-root user via an rsa
key. I'm using an IPtables script from
> http://iptables-tutorial.frozentux.net/iptables-tutorial.html
However, I normally get my logs e-mailed to an external account and
they're not getting to me. I'm not sure if they've not been sent or my
logs are being altered and hidden. How do I diagnose this problem, and
in general look for security incursions. I'm thinking of leaving
wireshark running on the external ethernet card and see what happens.
Thanks, any advice much appreciated.
Jim
More information about the fedora-list
mailing list