i posted this on rackshack in response to a user looking for some links, and i figured someone here would find it useful. hopefully someone does.

these are most of the links i have in my huge bookmarks folder of server stuff. being paranoid about network security is not a bad thing.
__________________________________
LOGCHECK(portsentry is not highly recommended)
> download logcheck (and portsentry)
http://www.psionic.com/

> great logcheck howto(and if you can do this, portsentry is a breeze):
http://list.cobalt.com/pipermail/co...une/012633.html

> if you choose to use portsentry, here's an informative text. i ended up going with pmfirewall, and ditching portsentry thanks to huck's many informative posts.
http://www.linuxnewbie.org/nhf/inte...ortsentry1.html


IPCHAINS
> download IPChains. also howto's.
http://netfilter.samba.org/ipchains/


PMFIREWALL
> download.
http://www.pmfirewall.com/

> manual
http://www.pmfirewall.com/PMFirewall/man.html


CHKROOTKIT
> http://vito.pointclark.net/cobalt/chkrootkit.html


WINSCMP
> GREAT secure FTP / SSH program.
http://winscp.vse.cz/eng/index.php


NESSUS
> http://www.nessus.org/


AATOOLS PORT SCANNER
> i believe i'm going to use mainly this for portscanning my box from nowon.
http://www.glocksoft.com/port_scanner.htm?source=goto


______________________________________
here are some other utilities/texts i have bookmarked. they've all helped me very much.

INTRO TO TCPWRAPPERS
> http://www.itworld.com/AppDev/1076/UIR000630tcp/


LANCE'S WHITEPAPERS
> http://www.enteract.com/~lspitz/papers.html


RECOVERING FROM A BREAK IN
> http://www.cert.org/nav/recovering.html


SNORT
>http://vito.pointclark.net/cobalt/snort.html


TRIPWIRE
> http://www.tripwire.org


FWC
> open source firewall. looks abandoned though.
http://sourceforge.net/projects/fwc/


SMOOTHWALL
> HAVEN'T USED IT. but it looks interesting. kind of.
http://smoothwall.org/gpl/home/


SENDMAIL
> doesn't hurt to read up on it's spam controls.
http://www.sendmail.org/


MAC PORTLIST
> http://www2.opendoor.com/doorstop/ports.html



hope someone finds this list useful.

someone should compile these(and others) into a good resources page with different topics.

security
tweaking
etc
etc
etc

Im able to host a webpage for cobalt resources

Is there any new sources for Snort as a package?

I have a raq4 and I got the source and tried to compile it only to get the following error

aclocal-1.6: command not found
WARNING: `aclocal-1.6' is needed, and you do not seem to have it handy on your
system. You might have modified some files without having the
proper tools for further handling them. Check the `README' file,
it often tells you about the needed prerequirements for installing
this package. You may also peek at any GNU archive site, in case
some other package would contain this missing `aclocal-1.6' program.
make: *** [aclocal.m4] Error 1



I then got autoconf-2.10 and complied so that i could compile automake-1.9.1 but it says

checking whether autoconf is installed... yes
checking whether autoconf works... no
configure: error: The installed version of autoconf does not work.
Please check config.log for error messages before this one.

I have done massive searches on net for a package or RPM that would work for this and no luck. The link for the Snort above does not work.

I posted a thread like this too a while back...

Don't forget Clam Antivirus too! (set up a cron for Clamscan and Clamfresh too)

I have clamscan. In fact I just purchased Zeffies spam/av package. Best $150 i spent. Today is 2nd day and it has helped out soo much.

I just stumbled upon this forum and was quite amazed to see that there are still people actually using RAQ servers! I had the worst hosting experiences of my life with a list of successive Cobalt servers. I will never touch one ever again in my life!

Hmmm...

I got my first Raq4 3 years ago, hated it but as I read more I grew to like it more and more. Even till today setting up an equivalent Linux distro server is somewhat of a nightmare, only distros like Trustix and Clarkconnect come even closer...

Each to his own... some of my patched servers have been running for over 2 years with no probs (there was one time with the /var partition full bug, but once bitten... twice shy...)

bla.