On Sat, Jul 17, 2004 at 08:41:28PM -0400, John Dangler wrote: > Clifford~ > Thanks for the reply. > rpm-qa|grep logwatch reveals: > logwatch-5.1.3 > > I haven't started looking at the 'root' mail yet, since I haven't figured a > way to get the email client to read the root from the local system. > I did find the man page on logwatch and am reading up on it. > > Thanks for the tip! If I recall there was an attack against protocol 1 that many scrip kiddies use. I currently specify only protocol two for my incoming ssh connections. When you get probed from a network, continent, country or domain that you do not want or expect to connect to -- block it. Also get in the habit of removing the word 'welcome' from login screens (/etc/issue, /etc/motd, etc). Use "Access by invitation only" or some such less inviting message. -- T o m M i t c h e l l /dev/dull where insight begins.
