PDA

View Full Version : [ubuntu] Firewall Monitor



spikoley
February 6th, 2010, 01:40 AM
Is there a firewall monitor to show you attempted connections?

*Raz0r*
February 6th, 2010, 01:42 AM
There is a firestarter

spikoley
February 6th, 2010, 08:42 AM
There is a firestarter

I was looking for something more sophisticated.

MrWES
February 6th, 2010, 10:22 AM
Is there a firewall monitor to show you attempted connections?

Most attempted connections occur on port 22, the port used for SSH. You could install Denyhosts which will depending on how you set it up, add the IP to the /etc/hosts.deny file and therefore block it.

http://ubuntuforums.org/showthread.php?t=450853

Or the simple way is to look at the /var/auth.log

Bill

airtonix
February 6th, 2010, 02:53 PM
Is there a firewall monitor to show you attempted connections?

These articles might be of interest to you :

http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html
http://www.linuxquestions.org/questions/linux-networking-3/network-traffic-monitor-my-incoming-and-outgoing-ports-632259/
http://www.linux.com/archive/articles/50649


Some applications you might find handy :

jnettop
ntop

watch -d "netstat -ntauple"
ipstate : http://linuxpoison.blogspot.com/2010/02/iptstate-display-iptables-state.html
fwmon : http://www.scaramanga.co.uk/fwmon/
iptraf
Razorback (http://www.intersectalliance.com/projects/RazorBack/index.html#ScreenShots) with Snort (http://www.snort.org/)