Linux stuff - computer and real security.

Post by ChairmanMao » Wed Mar 04, 2009 4:49 pm

Wow, so I have had Snort installed and running on my network for a month.

So far it has blocked over 14,000 attacks!! Wow.

Here are the most popular 5:

ET MALWARE SOCKSv5 UDP Proxy Inbound Connect Request (Linux Source) protocol-command-decode 5625(39%)

(portscan) Open Port unclassified 3236(22%)

ICMP L3retriever Ping attempted-recon 1182(8%)

ET CURRENT_EVENTS Possible Downadup/Conficker-A Infection Checking Geographical Location trojan-activity 1111(8%)

SQL probe response overflow attempt attempted-user 744(5%)

The Conficker thing ain't Conficker, it is coz I use LCD Miscellany that shows my IP address and I haven't disabled the rule.


Also, another cool Linux app I have come across is ZoneMinder:

http://www.zoneminder.com/

Awesome CCTV/WebCam interface with motion detection - u can use it to check your car is safe, or to monitor your work place ;)
