[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sheflug] Success Story

To: sheflug [at] vuw.ac.nz
Subject: [Sheflug] Success Story
From: Matthew Collins <nospam [at] janes.demon.co.uk>
Date: Tue, 13 Mar 2001 21:21:59 +0000
List-help: <http://www.sheflug.co.uk>
List-owner: <mailto:sheflug-admins [at] vuw.ac.nz>
List-post: <mailto:sheflug [at] vuw.ac.nz>
List-subscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=subscribe>
List-unsubscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=unsubscribe>
Mail-Followup-To: matthew, sheflug [at] vuw.ac.nz
Reply-to: "Sheflug" <sheflug [at] vuw.ac.nz>
Sender: sheflug-bounce [at] vuw.ac.nz
User-Agent: Mutt/1.2.5i

I just thought I'd share this with everybody, as I'm sure that you all want
to hear my inane rantings.

I work for a Financial company, and I've just overseen our first Linux
installation. Quite a coup for me, as before I started, nobody there had
ever really considered using Linux for anything. The reason (no, not "It's
not Microsoft), but "You can't administer it through NDS". We're a big
Novell shop, and Ironically, that is doing more to tie us into Windows on
the desktop than using NT as a server is.

Anyway, enough of that. The system I've just installed is an IDS system
running Snort (http://www.snort.org/). You would be amazed (if you havn't
seen an IDS running before) at the amount of portscans and stuff we get.
Now, at the moment we are not a highly visible site, but we still get 4 - 5
port scans a day. People looking for Bind holes, Wu-FTP holes etc etc. I
even checked one source of these scans out, and found a machine infected
with the Ramen worm.

It's really opened managements eyes about Security on the Internet I can
tell you. When we first went online, it was "Well, nobody will find us if we
keep quiet and don't advertise". Telling my boss that we were portscanned
twice while I was still installing the machine on Saturday afternoon was a
big eye opener for them.

The machine runs like a dream. Anybody who tells you that Linux is hard to
install deserves a poke, with a stick. After 1 days work, I've got the
machine logging all Internet traffic to a secured disk. The machine dosn't
even have an IP address on the interface that is monitering traffic. It is
emailing alerts to me when they happen, and is automatically rotating logs
files & alert logs, archiving old copies and purging really old copies.

All this using Free software.

If anybody wants specifics on how the machine has been set up, drop me a
note.

--
Matthew Collins
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.

Prev by Date: Re: [Sheflug] headless
Next by Date: Re: [Sheflug] headless
Prev by thread: Re: [Sheflug] re: Domain registration mail servers
Next by thread: No Subject
Index(es):
- Date
- Thread