<quote who="[EMAIL PROTECTED]">
> Jeff suggested, over boiled television entrails I think, that snort was a
> nice program to monitor others attempts at your machine. I have downloaded
> and compiled snort, and have the default snort.conf file and a few
> questions. OK it needs to be run as root. Now as I prob wan tot run this
> when I am connected whats the best way to do this safely: I want to run in
> network intrusion detection mode.
Best to run as part of the /etc/ppp/ip-up.d/ scripts, thus it will run as
root without any hassle.
> Question 2: does any one have a simple rules file suitable for a home
> network where I am connected via ppp0.
Knowing that you've got Debian on at least one of your machines, I'd
recommend installing the package and pillaging the configuration files. I
do the same for most of the non-Debian machines I administer; gets you
started very quickly. :)
- Jeff
--
"World domination is a community responsibility." - Michael Hall,
LinuxPlanet
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
