LinuxQuestions.org
Old 04-12-2007, 02:16 AM   #1
soutTech
LQ Newbie
 
Registered: Aug 2006
Posts: 4

Rep: Reputation: 0
Security and intrusion detection


Hello to the world of Linux,

I am a newbie in the world of Linux and have decided to set up my own server with RH ES 4. I have been hunting on the old mighty Google for guidelines and examples for securing a Linux environment. So here is my question (I am not expecting anybody to spoon-feed me the information, but pointing me in the right direction would be great):

1. I want to set iptables (firewall) on the server and run portsentry. I have been hunting for some information, but everything I found is explained in a way that I am not able to understand. Does anybody know of a site where these things are explained in the most straightforward way possible, or is there an alternative for iptables?

2. I have also been looking at the IDS option, but for a newbie this is also a bit confusing.

3. I once found a PDF doc that explained how you can manually find intrusions using the 'ps', 'last' and other commands to look at the history of directories and files last changed and worked on. If anybody can point me to where I can find something like this again, it would be appreciated.

Any help would be appreciated, and all I am asking is to be pointed in the right direction. I am a Windows Tech converted into a Linux junkie, so going into deep waters here.

Thanks
 
Old 04-12-2007, 05:24 AM   #2
clb
Member
 
Registered: Sep 2004
Location: UK
Distribution: Ubuntu
Posts: 117

Rep: Reputation: 16
This thread http://www.techenclave.com/forums/simple-iptables-tutorial-4401.html may help with IP Tables. The main alternative is Shorewall, I believe, though I haven't really used it.

One thing I found about portsentry was that, after installing it, an nmap scan of the machine reported various trojans running on about 20-25 ports.
Something that I have found quite handy is logcheck; it checks your logs for suspicious activity and sends an email to the address specified by you.
 
  

