1. Automated sniffing: Snort
2. View log files:
sudo gedit /var/log/XXX
3. Manual sniffing: tcpdump & Wireshark
sudo tcpdump -vvi eth1
Installing Wireshark on Ubuntu:
sudo apt-get install wireshark
4. Vulnerability scanner: Nessus
http://ubuntuforums.org/showthread.php?t=27674
sudo apt-get install nessusd nessus nessus-plugins
sudo /etc/init.d/nessusd restart
Register Nessus.
Use this path if you installed with apt-get:
sudo /bin/nessus-fetch XXXXXXX
sudo update-nessus-plugins
Not sure of your path?
dpkg -L nessus
Scan result breakdown
Check for rootkits:
http://www.chkrootkit.org/
./chkrootkit -x | more
Examine suspicious strings in the binary programs that may indicate a trojan.
Rootkit Hunter:
sudo apt-get install rkhunter
sudo rkhunter --propupd
Then:
sudo rkhunter --check
5. AV
http://www.itsecurity.com/features/ubuntu-secure-install-resource/
Antivirus
- Clam AntiVirus - One of the most popular UNIX based antivirus solutions. Works well with email gateways.
- AVG Anti-Virus - Free version of a popular commercial virus scanner.
- BitDefender - On demand command line/shell script scanner.
- Panda Antivirus - Uses sophisticated software to remove viruses from workstations connected to a Linux server.
Turn off Bonjour:
sudo /etc/init.d/avahi-daemon stop
sudo nano /etc/default/avahi-daemon
AVAHI_DAEMON_START=0
sudo /etc/init.d/cups stop
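A scripted, repeatable form of the AVAHI_DAEMON_START=0 edit above, for hosts where opening nano by hand is not practical. This is an added example, not part of the original notes; the helper names set_default_key and get_default_key and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original notes. set_default_key/get_default_key
# are hypothetical helper names; the sample file below is constructed.

# set_default_key FILE KEY VALUE
# Rewrites the first active or commented-out "KEY=" line, drops any later
# duplicates, and appends KEY=VALUE if the key never appeared.
set_default_key() (
    file=$1 key=$2 value=$3
    tmp=$(mktemp) || exit 1
    awk -v k="$key" -v v="$value" '
        $0 ~ "^[ \t]*#?[ \t]*" k "=" {
            if (!done) { print k "=" v; done = 1 }
            next
        }
        { print }
        END { if (!done) print k "=" v }
    ' "$file" > "$tmp" || { rm -f "$tmp"; exit 1; }
    # Overwrite in place so the file keeps its owner and mode.
    cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    exit "$rc"
)

# get_default_key FILE KEY
# Prints the last active (uncommented) value, which is what a sourcing
# init script would end up with.
get_default_key() {
    awk -v k="$2" 'index($0, k "=") == 1 { val = substr($0, length(k) + 2) }
                   END { print val }' "$1"
}

# Demo on a constructed copy; on a real host FILE is /etc/default/avahi-daemon
# and the script runs as root.
demo_file=$(mktemp)
printf '%s\n' '# 1 = start the daemon, 0 = do not start' \
    'AVAHI_DAEMON_START=1' 'AVAHI_DAEMON_DETECT_LOCAL=1' > "$demo_file"
set_default_key "$demo_file" AVAHI_DAEMON_START 0
echo "AVAHI_DAEMON_START=$(get_default_key "$demo_file" AVAHI_DAEMON_START)"
```

Running it twice leaves the file unchanged the second time, so it can sit in a provisioning script without stacking duplicate lines.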
http://www.zolved.com/synapse/view_content/27995/Top_Ten_basic_things_to_know_about_securing_Ubuntu
1. http://ubuntuforums.org/showthread.php?t=7353