Date: Mon, 24 Jan 2000 09:32:53 -0500 (EST) From: Steve Mickeler <steve@neptune.on.ca> To: "mr. t" <n8412060@cc.wwu.edu> Cc: security@FreeBSD.ORG Subject: Re: attack notification via email Message-ID: <Pine.LNX.3.96.1000124092523.28150B-100000@triton.neptune.on.ca> In-Reply-To: <Pine.SOL.4.05.10001212327040.29499-100000@titan.cc.wwu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 21 Jan 2000, mr. t wrote: > > Regarding stream, DOS Smurf, trash packet bombing and sybounce... Be nice > to have the OS send an email. I realize this is what syslog is for but > since this might be a once in awhile sort of a thing and its very > important, if you are going to go to the trouble of making the OS smart > enough to recognize these - make option to email the sysadmin too with an > alert message. That's a little more in-your-face than syslog and might be > appropriate for this once in a lifetime event. At least the option would > be really great and give alot of piece of mind - no alerts, nothing > happened while out to lunch. Not all sysadmins know who to write a utility > to scan the logs and email an alert. Besides that's kludgy. > > Just a thought... Theres a couple of great utils that can do this. The first is PortSentry which is designed to detect and respond to port scans against a target host in real-time. The second is LogCheck which is designed to help in the processing of UNIX system logfiles. Both are free and come with source code and can be found at. http://www.psionic.com/ -- Steve Todays root password is brought to you by /dev/random To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.96.1000124092523.28150B-100000>