vern wrote:
>
> Okay I'm just one guy with one computer and
> I like to surf and do email. Is there a way
> to monitor ports, and keep away evildoers?
> I'm used to Windoze programs like Black Ice,
> Zone Alarm and such. I would like to log port
> scans and such sniffer activity hitting my
> machine while online. I've read Network HOWTO's
> IPchains, and firewalling info's HOWTO's and man
> pages. I have no LAN, no separate 486 machine
> for a firewall. I've #'ed out all my services
> and disabled my "super server" (inetd) and tried
> to be as "security conscious" as I know how. There's
> a KDE program called kfirewall (front end for ipchains)
> but no docs, and as of this morning no website to
> get info on how to use it. What am I missing?
> I've looked into Ksnuffle but that seems a bit
> extreme for one machine and one very slow (24K)
> PPP dialup connection. Any help or ideas would be
> appreciated!
> Vern
The absolute best packet logger I've been able to come across is
something called iplog. By default it logs every connection coming into
or out of your machine. You can configure it to ignore some connections
through it's configuration file.
We currently use it on the DMZ machine at work to monitor connections
both legitimate and illegitimate.
iplog can be found on Freshmeat (http://freshmeat.net)
--
Steve Philp, MCSE/MCP+I
Network Administrator
Advance Packaging Corporation
[EMAIL PROTECTED]
