Re: Recommended security management packages
Quoting Tib <tib@tigerknight.org>:
> I'm looking for information on packages that will do a nice job of keeping
> an eye on my system security-wise. PackageS because I know that no one
> packages can do it all.
>
> Currently all I've got is 'tiger', and while it does a good job it has
> issues like failed checksums against installed packages (well that's
> strange because I just installed that package and it already failes the
> checksum?) and such. Does anyone have any recommendations?
>
John the Ripper (weak password detection), logcheck (batch checks on
syslogs), PortSentry (IDS w/ some reaction capability), AIDE or
Tripwire (file integrity checks), nmap (port scan) or Nessus
(vulnerability scans) scans from outside the box, Xlogmaster
(real-time checks on syslogs with action, e.g., e-mail your pager),
and snort (IDS).
HTH,
Jeffrey
Reply to: