Find the answer to your Linux question:
Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    What's the best way to monitor a system for attacks?

    A thread on firewalls in the Coffee Lounge section made me realize that I have no idea how to monitor if my online computer is being probed or attacked or whatever. I tried googling, assuming there were programs out there that did this, but I couldn't come up with much (possibly because I'm not sure the right terminology to use to look for an answer). Anyway, are there system logs that record all of this in a way I could figure out or do I need a program to monitor the system for attacks?

    Thanks for your help.

  2. #2
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    check out /var/log , you will find most of what you need here. Just use grep to find keywords. An example of something I use woud be -
    grep -ir warning *
    grep -ir ssh *
    grep -ir breakin
    You can check for any keywords you like this way.

  3. #3
    Awesome. I think I was using bad terms to search for an answer.


  4. $spacer_open
  5. #4
    Linux Newbie framp's Avatar
    Join Date
    Jul 2006
    Stuttgart, Germany
    Quote Originally Posted by eraker I need a program to monitor the system for attacks?...
    Search for snort
    "Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts