- 10-10-2006 #1 Linux User
- Join Date
- Aug 2005
- Posts
- 408
What's the best way to monitor a system for attacks?
A thread on firewalls in the Coffee Lounge section made me realize that I have no idea how to monitor if my online computer is being probed or attacked or whatever. I tried googling, assuming there were programs out there that did this, but I couldn't come up with much (possibly because I'm not sure of the right terminology to use to look for an answer). Anyway, are there system logs that record all of this in a way I could figure out, or do I need a program to monitor the system for attacks?
Thanks for your help.
- 10-10-2006 #2 Linux Guru
- Join Date
- Nov 2004
- Posts
- 6,110
Check out /var/log; you will find most of what you need here. Just use grep to find keywords. An example of something I use would be -
Code:
    grep -ir warning *
    grep -ir ssh *
    grep -ir breakin
You can check for any keywords you like this way.
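Added example (not part of the original posts): the keyword search above, narrowed to one concrete check that counts failed SSH password attempts per source address. The log lines are constructed samples in OpenSSH's syslog format, the function names are hypothetical, and on a real system the file to pass in (for instance /var/log/auth.log or /var/log/secure) depends on the distribution.

```shell
#!/bin/sh
# Constructed sample log lines (documentation-range addresses, made-up users).
sample_log() {
cat <<'EOF'
Oct 10 03:12:01 box sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Oct 10 03:12:04 box sshd[2103]: Failed password for root from 203.0.113.5 port 51240 ssh2
Oct 10 03:15:40 box sshd[2150]: Accepted password for alice from 192.0.2.10 port 40022 ssh2
Oct 10 03:16:02 box sshd[2161]: Failed password for invalid user test from 203.0.113.5 port 51251 ssh2
Oct 10 03:17:01 box CRON[2210]: (root) CMD (run-parts /etc/cron.hourly)
Oct 10 09:41:13 box sshd[3307]: Failed password for alice from 198.51.100.7 port 33990 ssh2
EOF
}

# failed_by_source FILE
# Prints "COUNT ADDRESS" per source address, most failures first.
# The address is read from the fixed tail of the line ("from ADDR port N ssh2"),
# because the user name earlier in the line is supplied by the client.
failed_by_source() {
    grep 'sshd\[[0-9]*]: Failed password for ' "$1" |
    sed -n 's/.* from \([^ ]*\) port [0-9][0-9]* ssh2$/\1/p' |
    sort | uniq -c | sort -k1,1nr -k2,2 |
    awk '{print $1, $2}'
}

# noisy_sources FILE THRESHOLD
# Prints only the addresses with at least THRESHOLD failed attempts.
noisy_sources() {
    failed_by_source "$1" | awk -v min="$2" '$1 >= min {print $2}'
}

# Demo on the constructed sample.
demo_log=$(mktemp)
sample_log > "$demo_log"
echo "Failed SSH logins per source:"
failed_by_source "$demo_log"
echo "Sources with 3 or more failures:"
noisy_sources "$demo_log" 3
rm -f "$demo_log"
```

A single failure from a familiar address is usually a mistyped password; many failures against several user names from one address is the pattern worth a closer look.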
- 10-10-2006 #3 Linux User
- Join Date
- Aug 2005
- Posts
- 408
Awesome. I think I was using bad terms to search for an answer.
Thanks.
- 10-11-2006 #4
Search for snort
Originally Posted by eraker "Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds

