04-12-2007, 03:16 AM   #1
LQ Newbie
Registered: Aug 2006
Posts: 4

Rep: Reputation: 0
Security and intrusion detection

Hello to the world of Linux,

I am a newbie in the world of Linux and have decided to set up my own server with RH es 4. I have been hunting on the old mighty Google for guidelines and examples for securing a Linux environment. So here is my question (I am not expecting anybody to spoon-feed me the information, but pointing me in the right direction would be great):

1. I want to set iptables (firewall) on the server and run portsentry. I have been hunting for some information, but everything I found is explained in a way that I am not able to understand. Does anybody know of a site where these things are explained in the most straightforward way possible, or is there an alternative to iptables?

2. I have also been looking at the IDS option, but for a newbie this is also a bit confusing.

3. I once found a PDF doc that explained how you can manually find intrusions using 'ps', 'last' and other commands to look at the history of directories and files last changed and worked on. If anybody can point me to where I can find something like this again, it would be appreciated.

Any help would be appreciated, and all I am asking is to be pointed in the right direction. I am a Windows Tech converted into Linux junky, so going into deep waters here.

04-12-2007, 06:24 AM   #2
Registered: Sep 2004
Location: UK
Distribution: Ubuntu
Posts: 117

Rep: Reputation: 16
This thread may help with IP Tables. The main alternative is Shorewall, I believe, though I haven't really used it.

One thing I found about portsentry was that after installing it, an nmap scan of the machine reported various trojans running on about 20-25 ports.
Something that I have found quite handy is logcheck; it checks your logs for suspicious activity and sends an email to the address specified by you.
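
Added example, not part of either post: a shell script showing the kind of log pass logcheck automates (counting failed SSH logins per source) together with the manual "files last changed" review asked about in point 3. The function names and the log lines are constructed for illustration; the addresses come from documentation ranges.

```shell
#!/usr/bin/env bash
# Added example: manual log and file checks. All sample data is constructed.

# Write a constructed sshd auth log to the path given in $1.
make_sample_log() {
  cat > "$1" <<'EOF'
Apr 12 03:01:10 server sshd[2201]: Failed password for root from 192.0.2.10 port 40122 ssh2
Apr 12 03:01:12 server sshd[2203]: Failed password for root from 192.0.2.10 port 40123 ssh2
Apr 12 03:01:15 server sshd[2205]: Failed password for invalid user admin from 192.0.2.10 port 40124 ssh2
Apr 12 03:05:40 server sshd[2290]: Failed password for bob from 198.51.100.7 port 51515 ssh2
Apr 12 03:06:02 server sshd[2291]: Accepted password for bob from 198.51.100.7 port 51516 ssh2
EOF
}

# Print "count ip" for every source with at least $2 failed SSH logins in $1.
failed_ssh_by_ip() {
  awk -v min="$2" '
    /sshd\[[0-9]+\]: Failed password for / {
      # Take the last "from" token so an odd user name cannot shift the field.
      for (i = NF - 1; i > 0; i--) if ($i == "from") { n[$(i+1)]++; break }
    }
    END { for (ip in n) if (n[ip] >= min) print n[ip], ip }
  ' "$1" | sort -rn
}

# List regular files under $1 modified within the last $2 minutes.
recently_changed() {
  find "$1" -xdev -type f -mmin "-$2" 2>/dev/null | sort
}

# Run both checks against the constructed log in a scratch directory.
demo() {
  local tmp
  tmp=$(mktemp -d)
  make_sample_log "$tmp/secure"
  echo "Sources with 3 or more failed SSH logins:"
  failed_ssh_by_ip "$tmp/secure" 3
  echo "Files changed in the last 10 minutes under $tmp:"
  recently_changed "$tmp" 10
  rm -rf "$tmp"
}
demo
```

On a Red Hat system the sshd messages land in /var/log/secure, so the first function can be pointed at that file, and the second at directories such as /etc to see what changed recently.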

