preparing for case of emergency

To: debian-security@lists.debian.org
Subject: preparing for case of emergency
From: Klaus Koch <kkoch@kxsu.de>
Date: Mon, 11 Feb 2002 11:26:57 +0100
Message-id: <[🔎] 200202111028.LAA12112@post.webmailer.de>

hello!

I have done my best to make my firewall/router secure according to 
several security howtos (in this place, many thanks to the authors of 
the debian security howto). I think I am really getting into this 
"security stuff" :)
I am running a not very busy website and ftp-server, so I can afford to 
receive snort alarms in realtime via email to my internal account, 
because there aren't many. Due to work, I spend a lot of time at this 
account, so chances are high that I am present when an attack is done.
My question now is, what can I really do in realtime against an ongoing 
attack? Are there any interesting reads, I wasn't able to find?

Many thanks for your help!


Klaus

Reply to:

Follow-Ups:
- Re: preparing for case of emergency
  - From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>
- Re: preparing for case of emergency
  - From: Fredrik Ax <debsec@axnet.nu>

Prev by Date: Re: Emulate real ip's to access intranet hosts from outside
Next by Date: Re: preparing for case of emergency
Previous by thread: Fw: Securing Debian HOWTO: http://www.debian.org/doc/manuals/securing-debian-howto
Next by thread: Re: preparing for case of emergency
Index(es):
- Date
- Thread