View Full Version : log message

23rd March 2005, 07:03 PM
Hi room i check my /var/log/message i saw alot ppl try to hacking me using root, shh and other username. how can i see those hacker getin my box? :eek:

23rd March 2005, 09:55 PM
try googling (search) "snort" and read up on it--then install it if you already don't have it--then read some more. or use ethereal.
first turn off the ping replies from your computer--that's how they probably found you at first--then they follow up with the cracking/hacking attempts.
close all un-needed ports as you find them.
above all--install a firewall and allow only port 80 if you have a web server--incoming port allow, that is. SSH is other ports--FTP is other ports you need if you have those servers running--any port you don't have specific use for--close to incoming traffic.
Usually most default settings for the Linux firewalls will close those ports and you actually have to allow them to be used--i.e. open them if you need them.