Re: intrusion detection

To: "Douglas A. Tutty" <dtutty@vianet.ca>, debian-user@lists.debian.org
Subject: Re: intrusion detection
From: David Bernier <david250@videotron.ca>
Date: Wed, 29 Oct 2008 14:22:47 +0630
Message-id: <[🔎] 4908164F.2060003@videotron.ca>
In-reply-to: <[🔎] 20081029055154.GE7437@titan.hooton>
References: <[🔎] 49072EEC.1000209@videotron.ca> <[🔎] 4126b3450810280837v543e2cc5hd211069b07d38505@mail.gmail.com> <[🔎] 20081029055154.GE7437@titan.hooton>

Douglas A. Tutty wrote:

On Tue, Oct 28, 2008 at 03:37:05PM +0000, Sam Kuper wrote:

2008/10/28 David Bernier <david250@videotron.ca>

I'd like to know about ideas for security, including for example
intrusion-detection systems.

I recently read Linux Firewalls <http://www.nostarch.com/firewalls_mr.htm> ,
and can recommend it. I'm sure there are lots of other good books on the
topic too.

Read the document provided by the harden-doc package.

Read the document provided by the shorewall-doc package.

Your own box cannot monitor itself (there was just a thread on this).
If you want intrusion-detection, get an old box as a detector/monitor.

Doug.

Thanks for all the replies. I've installed the latest version of OSSEC.That was easy.

I used a "local" type. I'll have to learn a bit about hardening the system.

David

Reply to:

References:
- intrusion detection
  - From: David Bernier <david250@videotron.ca>
- Re: intrusion detection
  - From: "Sam Kuper" <sam.kuper@uclmail.net>
- Re: intrusion detection
  - From: "Douglas A. Tutty" <dtutty@vianet.ca>

Prev by Date: Re: Disk /dev/md6 doesn't contain valid partition table
Next by Date: Re: I get too many emails
Previous by thread: Re: intrusion detection
Next by thread: Re: intrusion detection
Index(es):
- Date
- Thread