Re: scanning

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ethereal is just a sniffer. I believe paras wanted to be notified of any suspicious activity.
I suggest running snort in NIDS mode to have snort inspect the packets against its ruleset.
Snort will log to a DB, ascii file, sub directories, However you want it.

You want e-mail notification, I suggest logging to syslog (-s option) and using swatch to
watch syslog and e-mail you when it see's something. (This will be ALOT of e-mails).
Anything else you want to do?

Cheers,
Alberto Gonzalez.

PS> If you just want to sniff, use tcpdump.

SchmiTTT wrote:

Hello,

ethereal
or
snort

besides:
does anybody know, where the source-code of 'xconsole' is ???

Regards
Tino.

Am Mon, 2002-12-30 um 11.31 schrieb paras:

hi all
what is the best tool to use to monitor my network and my servers for intruders and hackers?. if some one scans my network i want the action to be notice in my mail or something like that.
i have heard of snort. beside this which is better tool?

Thanks
Paras.
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.



------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.



--
The secret to success is to start from scratch and keep on scratching.


------------------------------------------------------------------------
    To unsubscribe email security-discuss-request@linuxsecurity.com
        with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux