Date: Tue, 29 Jan 2002 10:53:49 -0500
From: Robert Hough
To: jim
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Security methods
Message-ID: <20020129105349.A93293@acidpit.org>

On Tue, Jan 29, 2002, jim wrote:
> I would like to get a rough idea as to what people are using for hacker
> detection i.e. port scan logging, deception software, etc. Possibly some
> pointers on recently well written articles.

man security - if you have not already. It's not a be all, end all guide
or anything, but I think it's a good start in the right direction.

Things like aide, logcheck, and other utilities make for good first
starters, but there are tons of other things that can be done too. Hell,
just digging around in ports/security can be hours of fun. :)

Plenty of things to read here, should keep ya busy for a bit:

http://rr.sans.org/intrusion/intrusion_list.php

--
Robert Hough (rch@acidpit.org)