On Friday 07 March 2003 02:23 pm, Leonardo wrote: > i've just finished setting up a mdk9.0 server with postfix, mailman, > iptables and apache. Things are going fine, but I would like to know how > can I detect any security breaches on my system to prevent possible hacker > invasions. I've been using the netstat command but there should be > others... > > Thanks in advance, > Leonardo Sá > Recife, Brazil
Well your html messages aren't going to get too many answers, cause most folks filter them out. I occasionally scan my trash for list messages, so I saw yours. What you want is to sign up for the security advirories list and stay updated. If you want a real firewall put it on a machine between you and the net connection. MNF, which is free to download does a wonderful job, and still allows you to forward ports your server uses to the server. Nothing like Norton's Personal Firewall exists which will notify you about regular net traffic (remember personal firewall will claim an ftp connection on port 21 is the WinCrash trojan cause it sometimes also uses port 21). You can activate prelude and watch the logs, and you can load chkrootkit, and you can compile the kernel specifically for your machine with all modules compiled in and none loading, which helps proof against rootkits, but remember linux is by nature much much more secure than the best lockdown you can put on windows. Civileme
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com