On Feb 18, 2012, at 9:34 PM, Les Bell wrote:
>
> Al <mailinglist@xxxxxxxxxxx> wrote:
>
>>>
> Any suggestions on what to run on a centos box to verify that the
> server isn't compromised or being sniffed? Thanks!
> <<
>
> For "isn't compromised", you need a host integrity verification
> system like
> Tripwire or AIDE (which is in the base repo). Expect to have to
> tweak the
> config to cover the stuff you've got installed.
>
> You can detect sniffing by checking for promiscuous interfaces on
> the LAN -
> use proDETECT (http://sourceforge.net/projects/prodetect/) or a
> similar
> tool for this purpose.
>
> Alternatively, if you have the time and resources, you could run a
> full-blown network intrusion detection system like Snort
> (http://www.snort.org).
>
> Best,
>
> --- Les Bell
> [http://www.lesbell.com.au]
> Tel: +61 2 9451 1144
>
>
Les,
Thanks for the suggestion, I will run through all the methods stated
to me...
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
