Hi-- Now that I'm freshly over my DNS angst, I am logging everything that I deny in my firewall so that I know what's going on... So, i've been scanned a lot the last few days, and while I htink that I built a pretty good firewall, I am want to know if someone has managed to infiltrate. What should I look for in my process list to tell me if i've got friends in my home box? I thot that perhaps I should log EVERYTHING, that way I know if someone got in on a port that i've allowed for say...web access. that of course, leads to TOO much logging.. then, i thot perhaps a cron, checking if my /var/log/messages has been updated, and not quite sure how to do that....getting only the latest update to messages. arg. Kristin _______________________________________________ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
