Re: [SLUG] Hacker ID Software

From: Matt Miller (matt.s.miller@gmail.com)
Date: Thu Apr 21 2005 - 16:22:46 EDT


Charles Marcak said:
> I am looking for a program to start at boot up and report any hacking
> attempt and their IP address. A GUI front end would be nice but not
> necessary. I am running RH9.
>

Here is what I would recommend (which is very likely an overkill):
* Configure IPTABLES with logging. Send the messages to LOCAL# and run a
log parsing utility (logcheck, logwatch, swatch, etc) to filter for failed
attempts.
http://www.linuxguruz.com/iptables/howto/iptables-HOWTO.html

* Alternately you could try adding portsentry to log failed network
attempts and potential hacking attempts.
http://sourceforge.net/projects/sentrytools/

* Set up Snort / ACID for IDS. ACID provides a nice frontend for Snort.
http://www.snort.org/docs/

Matt

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
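
The first suggestion in the reply above (iptables logging plus a log parser that filters for blocked attempts), as an added example that is not part of the original post: it tallies dropped packets per source IP from kernel LOG lines and flags sources that probe several ports. The `IPT-DROP: ` prefix (a value one would set with iptables' `--log-prefix`), the `summarize` function, the port threshold and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the kernel's iptables LOG format; the
# "IPT-DROP: " prefix is an assumed --log-prefix value, not from the post.
SAMPLE_LOG = """\
Apr 21 16:20:01 host kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=44321 DPT=22 SYN
Apr 21 16:20:02 host kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=44322 DPT=23 SYN
Apr 21 16:20:03 host kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=44323 DPT=3306 SYN
Apr 21 16:21:10 host kernel: IPT-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=28 TTL=49 PROTO=ICMP TYPE=8 CODE=0
Apr 21 16:22:00 host sshd[812]: Accepted password for alice from 192.0.2.44 port 50022
Apr 21 16:22:30 host kernel: IPT-DROP: IN=eth0 OUT= SRC=198.51.100.7 truncated
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs written by the LOG target

def summarize(log_text, prefix="IPT-DROP: ", port_threshold=3):
    """Return (per-source report sorted by hit count, number of malformed lines)."""
    hits = defaultdict(lambda: {"count": 0, "ports": set()})
    skipped = 0
    for line in log_text.splitlines():
        _, sep, rest = line.partition(prefix)
        if not sep:
            continue  # not one of our firewall log lines (e.g. sshd output)
        fields = dict(FIELD.findall(rest))
        if "SRC" not in fields or "PROTO" not in fields:
            skipped += 1  # truncated or corrupted entry: count it, do not guess
            continue
        entry = hits[fields["SRC"]]
        entry["count"] += 1
        if fields.get("DPT", "").isdigit():  # ICMP entries carry no DPT
            entry["ports"].add((fields["PROTO"], int(fields["DPT"])))
    report = [
        {"src": src, "count": e["count"], "ports": sorted(e["ports"]),
         "scan_suspected": len(e["ports"]) >= port_threshold}
        for src, e in sorted(hits.items(), key=lambda kv: -kv[1]["count"])
    ]
    return report, skipped

if __name__ == "__main__":
    rows, bad = summarize(SAMPLE_LOG)
    for row in rows:
        print(row)
    print("malformed lines skipped:", bad)
```
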


