iptables does the simple job of loggin attempted connections, then there's probably something else you'd want to use for monitoring a log file for consecutive connections from the same addy. > Is there any way to detect if ports are being probed/sniffed? I've seen > programs like Snort, etc. Does anyone have any opionions about intrusion > detection systems? Are they effective? Are there other ways to manually > detect intrusion? _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list