[Gllug] hacked !
Paul Nasrat
pnasrat at uk.now.com
Thu Nov 29 12:39:50 UTC 2001
On Thu, Nov 29, 2001 at 11:47:19AM -0000, Paul Brazier wrote:
> > Consider some kind of IDS system. I was easily able to port scan your
> > box. A more secure system might have detected a port scan after the
> > first few ports, and temporarily blocked access from that IP. The
> > harder you make it for a potential attacker, the more likely they
> > are to just pick on an easier target elsewhere.
>
> Can anyone recommend an IDS (Intruder Detection System?)
> Can you use iptables for a simple version of this port scan detection or
> do you need something more complex?
I like snort
www.snort.org
With the arachNIDS files from www.whitehats.com
Paul
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list