Monitoring Tool
Mark Haney
mhaney at ercbroadband.org
Tue Feb 20 16:21:51 UTC 2007
Nilesh wrote:
> Hello All,
>
> Some one trying to Hack My System I have checked the
> /var/log/messages but could found the entries for
> which remote systems are trying to connect to my
> system
> Which logs should I check?
> or is there good software for real time alerts
>
> Regards
> Nilesh.
>
> --- Mad Unix <madunix at gmail.com> wrote:
>
chkrootkit is a good one for looking to see if your system is exploited,
but I'm personally quite pleased with OSSEC (www.ossec.net) it's an IDS
that will allow you to actively respond to particular threats. I have
mine set to automatically block IPs who are scanning my system's sshd or
http.
--
Ita erat quando hic adveni.
Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415
More information about the redhat-list
mailing list