Incremental improvements to intruder checking
#177 Henry, Thursday, 02 August 2012 8:44 AM (Category: Network)
(Tags: linode security)

I've been making incremental improvements to my two scripts that check for intruders. Fixed some bugs, improved my understanding, added new features. I've been tweaking them since last Friday and now they are solid and working well and reporting well. The system is working really well.

Last night, I had attempts made on POP and Wordpress and it accurately identified them and blocked them and reported it to me. I guess that people are getting bored with the Olympics and turning back to attacking.

So now my Linode has a few more levels of safety added. It's not totally safe, but nothing really is. It's not important enough to be worth anyone's attention. The security is good enough for the time being. I'll keep an eye on things and see if more work needs to be done.

I can think of one more improvement already. Right now, I am polling the log files. Every few minutes I check the log files to see if there is anything new. That's inefficient. I read that there are new Linux facilities so that you can register an interest in a file, and if the file changes, you get notified. No need to poll - every time it changes you can check for intruders.