Seguridad

/etc/snort/snort.conf

DEBIAN_SNORT_STARTUP=dialup
DEBIAN_SNORT_HOME_NET="192.168.0.1/24"
DEBIAN_SNORT_OPTIONS=" -i ppp0"
DEBIAN_SNORT_STATS_RCPT="root"
DEBIAN_SNORT_STATS_TRESHOLD="1"

/etc/ppp/ip-up.d

#!/bin/sh -e

CONFIG=/etc/snort/snort.conf
test -f /usr/sbin/snort || exit 0
test -f $CONFIG && . $CONFIG
test "$DEBIAN_SNORT_STARTUP" = "dialup" || exit 0
cd /etc/snort
start-stop-daemon --start --quiet --exec /usr/sbin/snort -- \
                -D \
                -S "HOME_NET=$PPP_LOCAL/32" \
                -h "$PPP_LOCAL/32" \
                -c /etc/snort/snort-lib \
                -l /var/log/snort/ \
                -s \
                $DEBIAN_SNORT_OPTIONS \
                -i
                $PPP_IFACE \
                >/dev/null
exit
0
 iptables -A INPUT -p tcp --dport 666 -s 127.0.0.1 -j ACCEPT
 iptables -A INPUT -p tcp --dport 666 -j DROP
 ALL: LOCAL
 ALL: .dominio .otrodominio
 ALL:ALL

O bien

 ALL: ALL: SPAWN (usr/sbin/safe_finger -l @%h | /usr/bin/mail -s "Acceso de %c %d-%h" root) &