Reply With QuoteI am not sure what firestarter is but you should try portsentry and logcheck. Great tools....At the height of the code red/nimda virus I was getting 2 or 3 hits every minute!
I recently installed firestarter and after some putzing got it working and logging "hits". *I'm amazed at how often my system is being querried by unknown persons. *It's averaging at *2 Code Red Worm hits an hour plus frequent other access attempts that I haven't identified yet. *Fortunetly I'm not running windows!
I am not sure what firestarter is but you should try portsentry and logcheck. Great tools....At the height of the code red/nimda virus I was getting 2 or 3 hits every minute!
I'd recomend streaming some of your logs to a terminal or terminals so you can watch them in real time. It can be fun and educational.
How do you stream the logs to a terminal?I'd recomend streaming some of your logs to a terminal or terminals so you can watch them in real time. It can be fun and educational.
You add a duplicate entery to your syslogd.conf like *.X /dev/tty8 if you want to X messages streamed to tty8.
Thanks. I will play with my syslogd.conf later today.You add a duplicate entery to your syslogd.conf like *.X * * /dev/tty8 if you want to X messages streamed to tty8.
or you could just open a terminal and do:
Code:tail -f /var/log/messages (or syslog)
If I am using Dial-up access will I need to set up anything like this?
Correct me if I'm wrong, anyone, but firewalling for this reason is not necessary since the viruses seek ip addresses and with a dialup, you don't have an ip address per se, the ISP does. It's necessary for direct connections like dsl since you are assigned an ip address. At least this is how I understood how it was explained to me.
Posting Permissions
Bookmarks