On Feb 18, 2012, at 9:34 PM, Les Bell wrote: > > Al <mailinglist at theflux.net> wrote: > >>> > Any suggestions on what to run on a centos box to verify that the > server isn't compromised or being sniffed? Thanks! > << > > For "isn't compromised", you need a host integrity verification > system like > Tripwire or AIDE (which is in the base repo). Expect to have to > tweak the > config to cover the stuff you've got installed. > > You can detect sniffing by checking for promiscuous interfaces on > the LAN - > use proDETECT (http://sourceforge.net/projects/prodetect/) or a > similar > tool for this purpose. > > Alternatively, if you have the time and resources, you could run a > full-blown network intrusion detection system like Snort > (http://www.snort.org). > > Best, > > --- Les Bell > [http://www.lesbell.com.au] > Tel: +61 2 9451 1144 > > Les, Thanks for the suggestion, I will run through all the methods stated to me... > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos