[Gllug] hacked !
will
will at hellacool.co.uk
Thu Nov 29 13:04:51 UTC 2001
Paul Brazier wrote:
>>Consider some kind of IDS system. I was easily able to port scan your
>>box. A more secure system might have detected a port scan after the
>>first few ports, and temporarily blocked access from that IP. The
>>harder you make it for a potential attacker, the more likely they
>>are to just pick on an easier target elsewhere.
>>
>
> Can anyone recommend an IDS (Intruder Detection System?)
> Can you use iptables for a simple version of this port scan detection or
> do you need something more complex?
Have a look at tripwire and portsentry:
http://www.tripwiresecurity.com/
http://www.linuxjournal.com/article.php?sid=4751
The portsentry site was not responding, but is linked to from the
linuxjournal site. I have not used these packages before but have heard
good things about them. I am sure others have their favouites :-)
Will.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list