A shell script question

[david nicol]

On Mon, 2004-02-23 at 16:21, Brian Densmore wrote:
> I'm looking to write a little shell/perl/python
> script to run on my server 24/7 looking for attackers.

I dunno about hiding things from view -- I mean, "ps"
is easy to edit the source of to leave stuff out and
then recompile and replace, but to do this on your
own box is suspicious.  You could run 

	netstat -tncp

into a p* program that constantly verifies that
only what is there is supposed to be there.  Setting up
firewall rules would be stronger though.