Who's watching your Computer now?

This topic is closed.

  • GreyGeek
    replied
    Please do. It is a package well written and extremely powerful.
    It will probably take me the rest of my life to figure out all the options and the things that can be done with it. Fun, fun, fun!!

  • SteveRiley
    replied
    I'll pass your praise on to Gerald Combs next time I see him in the halls at the office

  • GreyGeek
    replied
    Played with Wireshark. I have one word for it .... SWEET!

  • GreyGeek
    replied
    Never tried Wireshark but, based on the recommendation and the fact that it is in the repository I am installing it now, as I type!

  • Feathers McGraw
    replied
    It does indeed. Never again, broadcom... never. again.

  • SteveRiley
    replied
    Oh right. Feels nice, doesn't it?

  • Feathers McGraw
    replied
    I upgraded my whole laptop to something not rubbish!

  • SteveRiley
    replied
    Did you upgrade your wi-fi to something not rubbish?

  • Feathers McGraw
    replied
    Last time I looked at Wireshark I found it a bit overwhelming and had some problems using it properly because of my rubbish WiFi card at the time. Perhaps it's time for another look, I've learned quite a bit about networking since then.

  • SteveRiley
    replied
    Originally posted by Feathers McGraw:
    > Wireshark is another one I feel I should invest some time in, networks are fascinating and I'm sure it would lead to other interesting knowledge.
    It's a great tool. Naw, I'm not biased.

  • GreyGeek
    replied
    Originally posted by Feathers McGraw:
    > ... By the way, my adventures with C++ and SQLite are coming along (slowly!). It's a very rewarding process, I've had a few eureka moments today already where something clicked and I understood rather than just copying. I'm writing a text-based program at the moment but will put a Qt GUI on it when it is functional!
    If it is a single-purpose utility program, that approach is the best. You can test it in a Konsole and when it runs right you can design a GUI around it. Isn't it a lot of fun?

  • Feathers McGraw
    replied
    I wish I had more time to learn about all of these tools, there are so many cool free software projects out there! It's amazing that people give so much of their time for free and share their software, and that other people spend their time packaging it for different distributions.

    Of the ones you listed, I have only used nmap (on my local network mainly). Wireshark is another one I feel I should invest some time in, networks are fascinating and I'm sure it would lead to other interesting knowledge.

    By the way, my adventures with C++ and SQLite are coming along (slowly!). It's a very rewarding process, I've had a few eureka moments today already where something clicked and I understood rather than just copying. I'm writing a text-based program at the moment but will put a Qt GUI on it when it is functional!

  • GreyGeek
    replied
    Originally posted by Feathers McGraw:
    > I don't remember where I read it but I think it was ubuntuforums - when you mentioned it I thought it must be worth another look, which is why I asked. As I was hoping, you gave a really useful answer - thanks!
    >
    > Setting them as a cron job sounds much more convenient than I thought it would be.
    >
    > Have you ever used snort (the intrusion detection software)? That's another one I'm curious about.
    The cron config files are installed by default (/etc/chkrootkit.conf) and (/etc/default/rkhunter) and all you have to do is edit the true/false conditions to suit your needs.

    I have snort, nmap, etherape, kismet and zenmap installed. I play with them but haven't had a real need for them because I don't have much pounding on my back door ... and ... using them injudiciously can get you in trouble with your ISP. I probably use EtherApe and Kismet more than the others because they show me all the devices connected to my computer/wifi.

  • Feathers McGraw
    replied
    I don't remember where I read it but I think it was ubuntuforums - when you mentioned it I thought it must be worth another look, which is why I asked. As I was hoping, you gave a really useful answer - thanks!

    Setting them as a cron job sounds much more convenient than I thought it would be.

    Have you ever used snort (the intrusion detection software)? That's another one I'm curious about.

  • GreyGeek
    replied
    Originally posted by Feathers McGraw:
    > You mentioned RKHunter and ChkRootKit, have you ever used them? I think I remember reading about them about a year ago and the consensus was that they were out of date, I'm curious to know how good they are.
    I don't know where you got that "consensus" but both are currently maintained.
    I've run them both for almost 10 years.
    https://help.ubuntu.com/community/RKhunter
    http://www.chkrootkit.org/

    The received wisdom is to run them both. Like any detection tool, it is no more secure than the most recent update to its db, which it does automatically in the background.

    In 10 years I have yet to see any malware detected on my equipment, but I run it regularly as a cron task every week. You can change the settings in /etc/default/rkhunter to set the cron task to whatever you want. I have it run daily, nice="0", with email reports of results of the run to my home account and email notifications of db updates.

    chkrootkit also has a cron file that sets it to run daily in the background.

    They are pretty much transparent and I never notice them.

    Leave a comment:
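
Added example, not part of any post in this thread: GreyGeek's two replies above say the scheduled scans are controlled by true/false settings in /etc/default/rkhunter and /etc/chkrootkit.conf. This shell script reads those settings and lists which scheduled checks are switched off; the key names (CRON_DAILY_RUN, CRON_DB_UPDATE, REPORT_EMAIL, RUN_DAILY) are assumed from the Debian/Ubuntu packages, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: report whether the scheduled rootkit scans are switched on.
# Key names are assumed from the Debian/Ubuntu packaging of rkhunter and
# chkrootkit; confirm them against the comments in your own files.

# conf_get FILE KEY: print the last uncommented KEY=value, quotes stripped.
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" 2>/dev/null | tail -n 1 | tr -d "\"'"
}

# is_on VALUE: succeed for true/yes in any case (this example's own rule).
is_on() {
    case "$1" in
        [Tt][Rr][Uu][Ee]|[Yy][Ee][Ss]) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_scanners RKHUNTER_DEFAULTS CHKROOTKIT_CONF
# Prints one line per gap; the exit status is the number of gaps found.
audit_scanners() {
    gaps=0
    for key in CRON_DAILY_RUN CRON_DB_UPDATE; do
        is_on "$(conf_get "$1" "$key")" ||
            { echo "rkhunter: $key is not enabled"; gaps=$((gaps + 1)); }
    done
    [ -n "$(conf_get "$1" REPORT_EMAIL)" ] ||
        { echo "rkhunter: REPORT_EMAIL is empty, results are not mailed"; gaps=$((gaps + 1)); }
    is_on "$(conf_get "$2" RUN_DAILY)" ||
        { echo "chkrootkit: RUN_DAILY is not enabled"; gaps=$((gaps + 1)); }
    return "$gaps"
}

# Demo on constructed sample files (not taken from the thread).
demo_dir=$(mktemp -d)
cat > "$demo_dir/rkhunter" <<'EOF'
CRON_DAILY_RUN="true"
CRON_DB_UPDATE="true"
REPORT_EMAIL=""
NICE="0"
EOF
cat > "$demo_dir/chkrootkit.conf" <<'EOF'
RUN_DAILY="false"
RUN_DAILY_OPTS="-q"
EOF
audit_scanners "$demo_dir/rkhunter" "$demo_dir/chkrootkit.conf" || true
```

To check a real system, call `audit_scanners /etc/default/rkhunter /etc/chkrootkit.conf`; a missing file is reported the same way as a disabled setting.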
