> -----Original Message----- > From: fedora-list-bounces@xxxxxxxxxx > [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Scot L. Harris > Sent: Monday, July 18, 2005 6:42 PM > To: 'For users of Fedora Core releases' > Subject: Re: DShield > > On Mon, 2005-07-18 at 12:36, Chris Wright wrote: > > > > > The first of these questions though is to ask if anyone has > installed a Dshield Client? > > I've had a look round and found a few possibilities, but > nothing jumped out at me as the right one to use? > > Wondered if anyone else used Dshield... (www.dshield.org) > > Quick look at the web site you listed has as the first entry > in the list the client I would look at to read iptables logs. > > Not sure this provides any additional protection to your system. > Appears to just generate a report that is sent back to the > dshield site. > I did download the iptables tar but had troubles getting it to work (so I thought I would ask on here as well as the DShield List). I didn't know if it required a special build for FC4. (I'm still reading the section on compiling source rather than installing new packages). I have my router transfer its syslogs to one of the boxes inside my network. These log files are sent to Dshield for analysis only. It doesn't provide any protection what so ever, Dshield use a %age sample of submitted data to see what is happening on the net. (SANS (http://www.sans.org/) is also involved somewhere along the line). Regards Chris