The problem when I got hacked were that the firewall logging is turned off,and I'am not able to turn it on because --log-prefix /var/log/firewall in the iptables is no longer recognized as a valid path, so no logging. I got a warning about it when I run iptables -L. So some script must have been changed and I dont know which. It happend before I installed tripwire, and I have tried other paths, but the same warning.
--- Andrew MacKenzie <[EMAIL PROTECTED]> skrev: > +++ Thomas Ribbrock [RedHat] [Fri, Oct 18, 2002 at > 12:12:33PM +0200]: > > On Fri, Oct 18, 2002 at 10:04:46AM +0100, Nick > Lindsell wrote: > > > The Tripwire documentation suggests that the > database be > > > held on a floppy which is then write-protected - > should > > > prevent a blackhat getting to it. > > > > Ok, so lets say I have the original Tripwire DB on > a read-only medium > > (CD-ROM would work, too, I suppose). But it still > only tells me about > > problems *after* the damage has been done, right? > Tripwire does nothing to > > *prevent* an attack, or am I missing something > here? So, the main (only?) > > use would be to serve as a warning system a la > "This system probably has > > been hacked!", right? > Don't knock it. *Knowing* whether you may or may > not have been hacked is > half the battle. What good is updating and > maintaining security if you were > compromised three months ago and didn't know it? > Tripwire and monitoring > your log files are good habits. Be vigilant. > > -- > // Andrew MacKenzie | http://www.edespot.com > // Sleep: n. slEp > // A completely inadequate substitute for caffeine. > > ATTACHMENT part 2 application/pgp-signature ===== http://home.no.net/~knutove/knut_ove_hauge_kuren.htm ______________________________________________________ Se den nye Yahoo! Mail på http://no.yahoo.com/ Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og Notisbok -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
