* Patrik Breitenmoser wrote on Thu, May 16, 2002 at 10:22 +0200:
I am worried about intruders makeing to mutch traffic -> high bills for me ;(
Do you mean potiential traffic after an successful attack? You have to pay for the traffic for the attacks anyway, even when you block it, since it was passed by the ISP already. Of course this becomes really serious if someone breaks your system and installs some warez site on it... Or other illegal stuff. So you need to protects your system as good as possible of course.
I am running portsenty scanlogd and freeveracity for sec.
Do you know snort? www.snort.org may be of interest for you, BTW.
Is there anything a security nubbie can do?
If you run a web server, you'll receive many IIS attacks. The only thing you can do here is to make the webserver generate a short response I think. But a DoS attack like mstream or such will be still expensive, and I do not know anythink you can do against it. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.