[plug] Log monitoring, nasty crackers

John Summerfield summer at os2.ami.com.au
Thu Aug 6 06:42:28 WST 1998


On Wed, 5 Aug 1998, Terry Porter wrote:

tripwire is recommended by CERT as being one product worth a look. It's on
the official RH 5.1 CD application sampler, but can also be downloaded.

see www.rootshell.com for more on this and other hacker detecters.


btw The recent spate of hackers attacking CGI scripts has abated..

> Hi all,
>       Firstly this is aimed at the non isp contingent among us.
> 
> 	All you good folks DO monitor your logs when online don't you just
> so you know who is trying to crack into your box, while your happily
> surfing etc ? Or even when friends with accounts on your system, or others
> who have seen the Freeciv server you were testing, log in, or connect to
> one of the MANY ports on your box.
> 
>  What you **don't***!. Linux is a crackers paradise, lots of goodies on
> YOUR box, its not win-doze you know!
> 
>       May I recommend "Xlogmaster", this X app, is at a nice stable stage
> at the moment, and is perfect for the above.
> 
>       Xlogmaster can create pop-ups on triggers ie " connect refused from
> nasty_cracker.crack.com" etc and they pop up in whatever virtual desktop
> you happen to be in at the time!
> 
>       Other options are , raise, lower, hide,alert,notice,uniconify, and
> execute a program as a result "trace-route nasty cracker? nuke nasty
> cracker - just kidding :-)"
>       
>       Search for Xlogmaster on www.slashdot.net, you'll also need to
> install GTK+-1.0.5 if you don't have it, its a piece of cake to install.
> you can find it at www.gtk.org, 1.0.5 is the current stable release.
>       
>       I'm currently running Xlogmaster 1.4.2-pre alpha, but the currently
> avail ver is 1.4.1, and 1.4.2 will be out in a few days.
> 
>       Its all tar-balls, at this stage , so if you don't know what to do,
> or have other queries post here!
>      
>       terry
> 

like my sig!!




More information about the plug mailing list