How to log attack attempts before the machine crashes?
Hi all!
I want to log the traffic in Wireshark (over eth0 or enp2s0 or any) before the machine might crash. For example, somebody tried to attack 4 days ago - the BlackHat tried to install a keylogger into the gdm of GNOME - and he also tried to scan my password. Because my password behaves like a worm, which fires back by scan, the machine (with Solus 4.0) crashed. Is there a Wireshark log file somewhere about this crash, where I can see which IP this was and so on? How would I have to adjust Wireshark to log crashes too, when an attacker is firing like he did 4 days ago? (My password behaves like a bomb with exploding salad, at least 1,4 GiBi, when an attacker wants to scan it.) Cheers.