Re: Recommended security management packages

To: "Jeffrey L. Taylor" <jeff@austinblues.dyndns.org>
Cc: debian-security@lists.debian.org
Subject: Re: Recommended security management packages
From: Tib <tib@tigerknight.org>
Date: Wed, 21 May 2003 13:01:10 -0700 (PDT)
Message-id: <Pine.LNX.4.53.0305211255130.1303@altaica>
In-reply-to: <20030521144021.GC6170@pogo.bearhouse.lan>
References: <Pine.LNX.4.53.0305202056040.1303@altaica> <20030521144021.GC6170@pogo.bearhouse.lan>

> John the Ripper (weak password detection),
Appears to be installed but I'm not actively using it.

> logcheck (batch checks on syslogs),
Installed and configured

> PortSentry (IDS w/ some reaction capability),
Installed and configured

> AIDE or Tripwire (file integrity checks),
Just installed and now tinkering with it

> nmap (port scan) or Nessus> (vulnerability scans) scans from outside the box,
nmap installed, helped to block a bunch of ports with iptables

> Xlogmaster (real-time checks on syslogs with action, e.g., e-mail your pager),
Never heard of it but I'll look into it

> and snort (IDS).
Would this interfere with portsentry?


> HTH,
>   Jeffrey

Indeed :] thanks

<EOL>
Tib

Reply to:

Follow-Ups:
- Re: Recommended security management packages
  - From: Jeffrey Taylor <jeff.taylor@ieee.org>
- Re: Recommended security management packages
  - From: Phillip Hofmeister <plhofmei@ip3inc.com>

References:
- Recommended security management packages
  - From: Tib <tib@tigerknight.org>
- Re: Recommended security management packages
  - From: "Jeffrey L. Taylor" <jeff@austinblues.dyndns.org>

Prev by Date: Re: Recommended security management packages
Next by Date: Tiger checkmd5sums module
Previous by thread: Re: Recommended security management packages
Next by thread: Re: Recommended security management packages
Index(es):
- Date
- Thread