LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-11-2002, 08:55 PM   #1
TimDimman
LQ Newbie
 
Registered: Feb 2002
Location: Sandy Eggo, CA
Distribution: RedHat 7.2
Posts: 3

Rep: Reputation: 0
Hacking...


I know there is a /var/log dir, but how can I monitor my setup so that I know I'm not constantly being hacked?

I have Firestarter running as a firewall currently, but since I haven't rebooted, I can't read the GUI log...

Anyways, if anyone can point me in the right direction (basically learn how to read the log files) I'd greatly appreciate it!

This is a nice forum BTW...

Tim
 
Old 02-11-2002, 09:55 PM   #2
Scotty2435
Member
 
Registered: Dec 2001
Location: Waco, Texas USA
Distribution: Redhat 7.1
Posts: 232

Rep: Reputation: 30
i think that's a good place to look but you're probably not in any danger unless you run servers like ftp, telnet, ssh, and web.
 
Old 02-12-2002, 02:34 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
Try to see firewalling as a *deterrant*.
For intrusion *detection*, with the ability to raise alarms, add rules to the fw conf, and stats you could use Snort.
For a breakdown on how the values in your firewall's log add up, google "Robert Graham" or "firewall seen", for an active breakdown google "iptables logfile analyzer" (which should be somewhere in the .cc domain).
 
Old 02-12-2002, 07:00 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
hmm, IS there a decent alternative to the word "hacking" in that sense? i'm a hacker, but not in that sense...
 
Old 02-12-2002, 12:51 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
Well, usually in this context the word "probing" would be correct.

Eh, if you was the one that tried to explain the workings of kernel parts on IRC liking it to flan, crusts and mint sauce (or smptin like that) I'd like to see you define "hacking" :-]

And leave Ulrika-ka-ka or The Dove From Above outta it :-]
 
Old 02-12-2002, 04:11 PM   #6
TimDimman
LQ Newbie
 
Registered: Feb 2002
Location: Sandy Eggo, CA
Distribution: RedHat 7.2
Posts: 3

Original Poster
Rep: Reputation: 0
Quote:
Originally posted by acid_kewpie
hmm, IS there a decent alternative to the word "hacking" in that sense? i'm a hacker, but not in that sense...
Would you be more comfortable if I preceded it with Hollywood?

I am running several servers, I'd like to run http which is not currently set up, SSH and ftp.

I'm just worried about opening myself up too much...

Thanks for all the help so far! More is definitely welcome!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Hacking Exposed Wireless Hacking Chapter prompt Linux - Wireless Networking 0 05-08-2004 03:44 PM
hacking narendra_i Linux - Security 2 11-15-2003 03:53 AM
HAcking adam_h General 11 09-25-2003 04:40 PM
hacking moeminhtun General 1 01-09-2003 05:39 AM
in how many was hacking is done ashis Linux - Security 5 06-15-2001 06:31 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration