What tools would you recommend for monitoring the following on a server?
* kernel + process images in memory
* shape of the process tree
* binary integrity of files + permissions
* network connections
* users, groups
* user sessions
* log files
I think this calls for a customizable solution with plugins (or so). Is
there any such thing in Debian? How reliable is it?
How about reporting? Logging would be good but logging to a local file
is problematic as that could be compromised on a server hack...
OpenPGP: E3D9 C030 88F5 D254 434C 6683 17DD 22A0 8A3B 5CC0