Re: intrusion detection

From: Adrian Chapela <achapela.rexistros@xxxxxxxxx>
Date: Wed, 29 Oct 2008 16:49:05 +0100

Celejar escribió:

On Wed, 29 Oct 2008 22:00:30 +0630
David Bernier <david250@xxxxxxxxxxxx> wrote:

...

The Gnome system monitor now shows incoming traffic at 4 kB/sec every 20 seconds. Maybe
this is when my computer contacts an SNTP server ( simple network time protocol).

Would a package such as ethereal tell me what this traffic is?

Probably. It would tell you what protocol it is, what system is being
contacted, and exactly what data is being transmitted. Ethereal
understands many protocols, and will interpret them for you.

Is it possible use OSSEC on a linux router/firewall to control traffic?

--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

References:
- intrusion detection
  - From: David Bernier
- Re: intrusion detection
  - From: Osamu Aoki
- Re: intrusion detection
  - From: David Bernier
- Re: intrusion detection
  - From: Celejar

Prev by Date: Lenny RAID1
Next by Date: Re: Lenny RAID1
Previous by thread: Re: intrusion detection
Next by thread: Re: intrusion detection
Index(es):
- Date
- Thread

Relevant Pages

Re: Lenny: mouse srewed in OpenGL application
... changing the mouse Protocol from "auto" to "ImPS/2" did not make any changes - and according to the log file xorg can deal with the 'auto' protocol. ... Everything worked fine as usually until I wanted to use a graphics program ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
(Debian-User)
Re: Security Breach: A zero byte file created in my home directory
... Sorry for the trouble to all who had to read. ... The second one corresponds to the BOOTPprotocol. ... Only real connection attempts should be logged. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
(Debian-User)
Re: vnc+gdm+xinetd - SOLVED
... protocol = tcp ... It is easy to find fault, ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
(Debian-User)
Re: SPF in DNSs and mail servers
... servers to avoid spam is used by a lot af administrators or it's just a new protocol without future in Internet. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
(Debian-User)
Re: PS/2 mouse vs USB mouse
... seldom does work, usually it doesn't. ... For Ubuntu Maverick and Natty it's ... It might help to specify which protocol the mouse uses in your ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
(Debian-User)