The original desire for a way to occasionally check for hack-in attempts
is satisfied by the 2 commands "lastb" and "last" suggested by Ed.
Other related issues came up in this thread; I trust that they've been
addressed. My sense is that my firewall is as it should be. The
suggestions fail2ban, Wireshark, and OSSEC strike me as overkill, and
difficult for a non-sysadmin non-security person, so I'm passing on those.
Patching the workstation (I do that weekly) and upgrading
(semi-annually) could change things like the firewall without me
knowing. I've known these to create new groups and log-in names. Thus
the desire to be able to occasionally check things (beyond what
chkrootkit and rkhunter do). I've also been getting a lot of e-mails
from addresses ending with ".ng" which are not spam (advertising) but
probably are malicious (not sure; I just delete them). Recently, I've
also started getting messages from addresses ending in "qq.com"
(normally those would be from China) just like the ".ng" messages.
These ".ng" and ".qq.com" messages have html attachments. There are
other subtle hints of trouble. So I hope you understand my concern, and
some desire to keep an eye on things.
I thank the 9 list members who contributed to this thread for their time
and effort helping me. I've marked this thread "SOLVED". But I will
continue to watch it for further posts.
Bill.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
