Re: intrusion detection / logfile reporter
"Timo <Blazko> Boewing" <blazko@online.de> writes:
> Stephen E. Hargrove wrote:
>
> > http://www.psionic.com/ has some good stuff - logcheck, portsentry
> > and
>
> > hostsentry.
> >
>
>
> Hello Stephen,
>
> Hey, that was *exactly* what i was looking for. When i have time, i
> will try these packages. When i am done, i will let the list know
> about my experiences; if anyone is interested, of course ;-)
Those tools are excellent, but there's also simpler stuff. I've used
logcheck in the past and it did everything I wanted. When I installed
it it came configured with pretty broad rules for what to look for and
report so I had to narrow them considerably, but it was quick and
simple. There are other similar utilities. Doing a
apt-cache search logfile
should give you some of those types of utilities.
Gary
Reply to: