Re: pppoe
On Monday 23 June 2003 15:05, Zygimantas Berucka wrote: > On Mon, Jun 23, 2003 at 02:01:51PM +0200, Robert Ian Smit wrote: > > There is a nice package called pppoeconf that will setup a PPPoE > > connection. > > Martynas said he _used_ pppoeconf for configuration too. And I have the > same problem like Martynas. Log's say that "Authentication failed" even > the username and password are correct. I don't know what to do. > > P.S. Martynai, maybe this list isn't the best place for this question > ;-) Hi, I Had the same problem, but my username was wrong. Look again and watch in /usr/share/doc/pppoe Here is another nice site for dsl-users http://www.adsl4linux.de/ And i think this is definitly the wrong list for this problem. Write to debian-user@lists.debian.org Tom
Re: OT: An Idea for an IDS
Hi, There is an Intrusion Detection System(IDS) named Snort (http://www.snort.org) There you can log to syslog, database, tcpdump-file,... And there are some Preprozessors which can block 'bad' Traffic. Snort can do much more. Read the FAQ http://www.snort.org/docs/FAQ.txt Thomas Bechtold On Tuesday 01 July 2003 00:38, Phillip Hofmeister wrote: > Greets all, > > A previous post spawned an idea of mine. I am not sure if there is a > project available for this or not. Here we go: > > A daemon sits running in the background listening to a special device > (/dev) or an IPC which would originate from syslog-ng. This daemon > would then parse the log and look for suspicious things. If it found > something suspicious it would use regular expression to grab out > pertinent parts of the log (say the IP address) and act on the log > accordingly (in real time) by say dropping an IPTABLE rule down on the > IP address. > > Are there any projects out there to do this right now. If not, is this > a good idea? If it is who would be a person/group that would be > qualified and have the time/interest to develop it. > > Just throwing out a random conscious thought, > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import > -- > Excuse #202: That's easy to fix but I can't be bothered.
Re: OT: An Idea for an IDS
Look snort 2.0.0 [1] It's an Intrusion Detection System. Theres an Preprozessor for Snort called 'Guardian'[2] to do things like you want. But read the other answers in this thread carefully! Thomas Bechtold [1] http://snort.org [2] http://www.chaotic.org/guardian/ On Tuesday 01 July 2003 00:38, Phillip Hofmeister wrote: > Greets all, > > A previous post spawned an idea of mine. I am not sure if there is a > project available for this or not. Here we go: > > A daemon sits running in the background listening to a special device > (/dev) or an IPC which would originate from syslog-ng. This daemon > would then parse the log and look for suspicious things. If it found > something suspicious it would use regular expression to grab out > pertinent parts of the log (say the IP address) and act on the log > accordingly (in real time) by say dropping an IPTABLE rule down on the > IP address. > > Are there any projects out there to do this right now. If not, is this > a good idea? If it is who would be a person/group that would be > qualified and have the time/interest to develop it. > > Just throwing out a random conscious thought, > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import > -- > Excuse #202: That's easy to fix but I can't be bothered.
honeyd and libdnet
Hi, I want to install honeyd on my Debian-Box for testing. honeyd[1] isn't in the Package-tree from Debian so i have to compile it by hand. honeyd needs the 'libdnet'-package[2] to work. I installed this package but now commands like 'ifconfig' or 'nmap' doesn't work. The error is: - server:/# ifconfig : error fetching interface information: Device not found - If i use 'ifconfig eth0' then it works. I don't know why. Now my questions are: - How works DECnet[3]? - How to configure dnet-common and the /etc/decnet.conf - Why needs honeyd this lib Cheers Thomas Bechtold - [1] http://www.citi.umich.edu/u/provos/honeyd/ [2] http://libdnet.sourceforge.net/ [3] http://linux-decnet.sourceforge.net/
Re: pppoe
On Monday 23 June 2003 15:05, Zygimantas Berucka wrote: > On Mon, Jun 23, 2003 at 02:01:51PM +0200, Robert Ian Smit wrote: > > There is a nice package called pppoeconf that will setup a PPPoE > > connection. > > Martynas said he _used_ pppoeconf for configuration too. And I have the > same problem like Martynas. Log's say that "Authentication failed" even > the username and password are correct. I don't know what to do. > > P.S. Martynai, maybe this list isn't the best place for this question > ;-) Hi, I Had the same problem, but my username was wrong. Look again and watch in /usr/share/doc/pppoe Here is another nice site for dsl-users http://www.adsl4linux.de/ And i think this is definitly the wrong list for this problem. Write to [EMAIL PROTECTED] Tom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: OT: An Idea for an IDS
Hi, There is an Intrusion Detection System(IDS) named Snort (http://www.snort.org) There you can log to syslog, database, tcpdump-file,... And there are some Preprozessors which can block 'bad' Traffic. Snort can do much more. Read the FAQ http://www.snort.org/docs/FAQ.txt Thomas Bechtold On Tuesday 01 July 2003 00:38, Phillip Hofmeister wrote: > Greets all, > > A previous post spawned an idea of mine. I am not sure if there is a > project available for this or not. Here we go: > > A daemon sits running in the background listening to a special device > (/dev) or an IPC which would originate from syslog-ng. This daemon > would then parse the log and look for suspicious things. If it found > something suspicious it would use regular expression to grab out > pertinent parts of the log (say the IP address) and act on the log > accordingly (in real time) by say dropping an IPTABLE rule down on the > IP address. > > Are there any projects out there to do this right now. If not, is this > a good idea? If it is who would be a person/group that would be > qualified and have the time/interest to develop it. > > Just throwing out a random conscious thought, > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import > -- > Excuse #202: That's easy to fix but I can't be bothered. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: OT: An Idea for an IDS
Look snort 2.0.0 [1] It's an Intrusion Detection System. Theres an Preprozessor for Snort called 'Guardian'[2] to do things like you want. But read the other answers in this thread carefully! Thomas Bechtold [1] http://snort.org [2] http://www.chaotic.org/guardian/ On Tuesday 01 July 2003 00:38, Phillip Hofmeister wrote: > Greets all, > > A previous post spawned an idea of mine. I am not sure if there is a > project available for this or not. Here we go: > > A daemon sits running in the background listening to a special device > (/dev) or an IPC which would originate from syslog-ng. This daemon > would then parse the log and look for suspicious things. If it found > something suspicious it would use regular expression to grab out > pertinent parts of the log (say the IP address) and act on the log > accordingly (in real time) by say dropping an IPTABLE rule down on the > IP address. > > Are there any projects out there to do this right now. If not, is this > a good idea? If it is who would be a person/group that would be > qualified and have the time/interest to develop it. > > Just throwing out a random conscious thought, > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import > -- > Excuse #202: That's easy to fix but I can't be bothered. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
honeyd and libdnet
Hi, I want to install honeyd on my Debian-Box for testing. honeyd[1] isn't in the Package-tree from Debian so i have to compile it by hand. honeyd needs the 'libdnet'-package[2] to work. I installed this package but now commands like 'ifconfig' or 'nmap' doesn't work. The error is: - server:/# ifconfig : error fetching interface information: Device not found - If i use 'ifconfig eth0' then it works. I don't know why. Now my questions are: - How works DECnet[3]? - How to configure dnet-common and the /etc/decnet.conf - Why needs honeyd this lib Cheers Thomas Bechtold - [1] http://www.citi.umich.edu/u/provos/honeyd/ [2] http://libdnet.sourceforge.net/ [3] http://linux-decnet.sourceforge.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
