Tag: snort

  1. Random knowledge VIII.

    25 January 2007

    You're getting old if you consider sleeping until 0900 'sleeping in'.

    When configuring a firewall with IPTables you have to specify the protocol before the port number(s) in each command. Do this:

    iptables -A INPUT -s -p tcp --dport 22 -j ACCEPT

    and not this

    iptables -A INPUT -s --dport 22 -p tcp -j ACCEPT

    If you don't, you'll see error messages to the effect of "Unknown arg '--dport'"

    When writing Snort rules, there are a few things to keep in mind. First of all, rules come in two parts: the …


  2. Random knowledge VII.

    25 January 2007

    The /usr/bin/eject utility on a Linux system is a good way of figuring out which machine has what name in the KVM when you're dealing with a rack of machines, many of which are likely to be mislabelled. Use the eject utility to open the CD-ROM drive and see what machine you're really connected to; then update the labels in the KVM's configuration appropriately.

    If your fibre-optic network card isn't seeing any traffic at all, try switching the plugs on the card. Some optical network cables don't have colour-coded connectors so it's easy to plug them into the …