On 30/04/02 05:47 -0700, Peter Green wrote: > Thanx > > how can i find whether my system is been port scanned > or not ( which is the log files i should watch0 Set up an ipchains rule, or use portsentry. /sbin/ipchains -A input -s 0.0.0.0/0 -d $MY_IP -i ppp0 -p tcp ! -y -j DENY -l Then tail -f /var/log/messages. Thats for tcp. You can figure out the remaining ruleset, I guess.
> Which are the log files which are to be regularly > watched for security Everything. What you don't need, you don't log. > is there any utility in *nix for getting root pasword > (which is shadow pasword enabled) Brute force. Try John the Ripper. Devdas Bhagat _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
