Re: scanning

From: paras (paras@bajranet.com.np)
Date: 12/31/02


From: "paras" <paras@bajranet.com.np>
To: security-discuss@linuxsecurity.com
Date: Tue, 31 Dec 2002 15:56:16 +0545

Thanks for the info. i will go for snort and come up with confusions later.

Thanks all
Paras.

Alberto Gonzalez writes:

> Ethereal is just a sniffer. I believe paras wanted to be notified of any
> suspicious activity.
> I suggest running snort in NIDS mode to have snort inspect the packets
> against its ruleset.
> Snort will log to a DB, ascii file, sub directories, However you want it.
>
> You want e-mail notification, I suggest logging to syslog (-s option) and
> using swatch to
> watch syslog and e-mail you when it see's something. (This will be ALOT of
> e-mails).
> Anything else you want to do?
>
> Cheers,
> Alberto Gonzalez.
>
> PS> If you just want to sniff, use tcpdump.
>
> SchmiTTT wrote:
>
>> Hello,
>>
>> ethereal
>> or
>> snort
>>
>> besides:
>> does anybody know, where the source-code of 'xconsole' is ???
>>
>> Regards
>> Tino.
>>
>> Am Mon, 2002-12-30 um 11.31 schrieb paras:
>>
>>
>>> hi all
>>>
>>> what is the best tool to use to monitor my network and my servers for
>>> intruders and hackers?. if some one scans my network i want the action
>>> to be notice in my mail or something like that.
>>> i have heard of snort. beside this which is better tool?
>>>
>>>
>>> Thanks
>>> Paras.
>>>
>>> ------------------------------------------------------------------------
>>> To unsubscribe email security-discuss-request@linuxsecurity.com
>>> with "unsubscribe" in the subject of the message.
>>>
>>>
>>>
>>
>>
>> ------------------------------------------------------------------------
>> To unsubscribe email security-discuss-request@linuxsecurity.com
>> with "unsubscribe" in the subject of the message.
>>
>>
>>
>>
>
> --
> The secret to success is to start from scratch and keep on scratching.
>
>
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
>
 
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.