I had nearly the same problem.
What i did was to set up snort + guardian. Snort detects root.exe and
cmd.exe (together with lots of other things you dont want in your wire).
Guardian stops access from that computer for a number of seconds (you deside
yourself how log). Was pretty easy to set up
Hello
I have been looking lately after VPN clients for Linux We got a VPN
server running on Windows 2000 server - the standard VPN server that somes
with Windows installation I found several clients for Linux (we run
RedHat 72), but i have problems with deciding which is better / more
Hello Dave
You can configure one of the ports of your router to send a copy of all the
traffic that it receives on that port to another port, where you connect a
PC with a packet sniffer. Depending on your speed you would like eather to
analyse packets on the fly or to save them for later
link.
I started my ipchains learning with TrinityOS by David Ranch
http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html
-Original Message-
From: Victor Usjanov [mailto:[EMAIL PROTECTED]]
Sent: Sunday, February 17, 2002 2:02 PM
To: [EMAIL PROTECTED]
Subject: Help
Hello
I am trying to run ipchains firewall on my computer connected to corporate
nettwork. I created a set of rules that let web and mail and ssh traffic in
and out, and it works just fine. But i got a problem with NFS and samba
traffic. I did not manage to get it running until i placed -A input