Some common types of monitoring tools are:
It doesn't attempt to block any activity, only to report it when it finds it.
These aren't very useful as working computers - they're simply traps.
May 13 09:57:03 gondwanah dhclient-2.2.x: DHCPDISCOVER on lo to 255.255.255.255 port 67 interval 2 May 13 09:57:05 gondwanah dhclient-2.2.x: No DHCPOFFERS received. May 13 09:57:05 gondwanah dhclient-2.2.x: No working leases in persistent database - sleeping. May 13 09:57:05 gondwanah dhclient-2.2.x: No DHCPOFFERS received. May 13 09:57:05 gondwanah dhclient-2.2.x: No working leases in persistent database - sleeping. May 13 10:00:21 gondwanah dhclient-2.2.x: DHCPREQUEST on eth0 to 10.0.3.1 port 67 May 13 10:00:21 gondwanah dhclient-2.2.x: DHCPACK from 10.0.3.1 May 13 10:00:21 gondwanah dhclient-2.2.x: bound to 10.0.1.1 -- renewal in 3500 seconds. |
If it was a physical break-in, call the police.