Hace un tiempo, he descargado el rkhunter, pero la verdad es que nunca lo he instalado. Alguien tiene experiencia con este tipo de utilitarios? http://rkhunter.sourceforge.net/ Hoy, en la versión online de Linux Magazine, apareción un articulo sobre el tema: http://www.linux-mag.com/id/2611 Se refiere a un sistema de detección de intrusiones llamado Bro: http://www.bro-ids.org/ La pagina de descarga es: http://www.bro-ids.org/download.html Unos comentarios sobre su instalación: Bro requires a recent version of the libpcap, openssl, and termcap libraries. libpcap version 2.0.8, openssl version 0.9.7, and termcap version 11.0.1 were used for this article. The latter versions are distributed with Trustix. The Trouble With Termcap On some versions of Linux, the Bro configure script may not determine the appropriate version of termcap. A workable solution is to hardcode an older version of the termcap library. If you look in /lib and don't see libtermcap.so, try the following as root to address the issue. # ln -s /lib/libtermcap.so.2.0.8 /lib/libtermcap.so Making Bro Go Assuming you have Lynx installed, Bro version 1.1 can be downloaded with the following two commands. (This article uses the Filesystem Hierachy Standard for install locations; adjust the directories to match your own local policies.) # cd /usr/src/ # lynx ftp://bro-ids.org/bro-1.1-current.tar.gz> Next, uncompress the Bro distribution with… # gunzip bro-1.1-current.tar.gz … and unpack the archive using: # tar xvf bro-1.1-current.tar The latter command creates the directory /usr/src/bro-1.1/. Change to that directory and compile and install the program. This example installs Bro into /opt/Bro/. # cd bro-1.1 # ./configure ––prefix=/opt/Bro After the configure script runs, you should receive the following message on your terminal: Bro Configuration Summary - Debugging enabled: no - OpenSSL support: yes - Non-blocking main loop: yes - Non-blocking resolver: yes - Installation prefix: /opt/Bro - Perl interpreter: /usr/bin/perl5 - Using basic_string: no - Pcap used: system-provided Now run make and make install: # make # make install Now that the executables have been created and Bro's been installed, run the following to create crontab entries for Bro's daily reports: # make install-brolite Answer each prompt that the script presents. Your answers to the prompts tailor Bro's configuration file in /opt/Bro/etc/bro.cfg. (The sidebar "Bro Directory Structure" provides a map of the Bro directory structure.) Salu2 --------------------------------------------------------------------- Para dar de baja la suscripción, mande un mensaje a: opensuse-es+unsubscribe@opensuse.org Para obtener el resto de direcciones-comando, mande un mensaje a: opensuse-es+help@opensuse.org