For a couple of weeks my logs have been full of reportedly blocked ICMP probes. I mean FULL, all day long, every second. I hope Bastille has got me covered. (I mean it only logs blocked attempts; it doesn't log what gets through.)

I configured Bastille with the Interactive setup, chose most of the recommendations for hardening security, and left nothing open from the outside. No FTP or anything. I do occasionally run Samba. But I'm still worried.

Anybody else being hammered? Any security suggestions from anyone? (I run portsentry too, but it hasn't added any new blocked IPs in about a month!) Any new forms of the chkrootkits or trojan detection scripts out there? (I'm not as up on Linux security as I should be.)

TIA,
-s
