From owner-freebsd-questions@FreeBSD.ORG Sun Mar 13 23:32:50 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6EF3316A4CE for ; Sun, 13 Mar 2005 23:32:50 +0000 (GMT) Received: from hosea.tallye.com (joel.tallye.com [216.99.199.78]) by mx1.FreeBSD.org (Postfix) with ESMTP id E32F443D41 for ; Sun, 13 Mar 2005 23:32:49 +0000 (GMT) (envelope-from lorenl@alzatex.com) Received: from hosea.tallye.com (hosea.tallye.com [127.0.0.1]) by hosea.tallye.com (8.12.8/8.12.10) with ESMTP id j2DNWmUQ008756 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 13 Mar 2005 15:32:49 -0800 Received: (from sttng359@localhost) by hosea.tallye.com (8.12.8/8.12.10/Submit) id j2DNWmkh008754; Sun, 13 Mar 2005 15:32:48 -0800 X-Authentication-Warning: hosea.tallye.com: sttng359 set sender to lorenl@alzatex.com using -f Date: Sun, 13 Mar 2005 15:32:48 -0800 From: "Loren M. Lang" To: sgnezdov@sergei.homeunix.org Message-ID: <20050313233248.GR18080@alzatex.com> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="D8QxnvyRlKGQJxl7" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i X-GPG-Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc X-GPG-Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C cc: freebsd-questions@freebsd.org Subject: Re: Howto monitor system security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Mar 2005 23:32:50 -0000 --D8QxnvyRlKGQJxl7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Mar 13, 2005 at 09:58:41PM +0000, Sergei Gnezdov wrote: > Sorry, it is a rather generic message, but the problem is a generic as > well. >=20 > I am running my FreeBSD machine on DMZ. I use ipfw and I expose http > and smtp ports. I also expose sshd port, but only to a trusted > network (work). I'd like to know what is the best way to monitor my > machine security. >=20 > FreeBSD security email is rather anoying, because it keeps sending > messages even if nothing has changed. I need an email sent to me only > if there is something abnormal. What happens when someone breaks in and disables it from sending email? Think of it as a kind of heartbeat. >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" --=20 I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: CEE1 AAE2 F66C 59B5 34CA C415 6D35 E847 0118 A3D2 =20 --D8QxnvyRlKGQJxl7 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCNM2gbTXoRwEYo9IRApZvAJ422U2RHsgHDeK7ywTS9i5rTRzVqgCeLPcb i+q28uT1NcCQzDp2h7AcApc= =rKKR -----END PGP SIGNATURE----- --D8QxnvyRlKGQJxl7--