[Q] Intrusion Detection, Log file parsing....


Mon Jan 21 21:37:09 EST 2002


On Mon, Jan 21, 2002 at 08:52:39PM +1100, Donovan J. Edye wrote:
> I would like to accomplish the following:
> 
> - Detect intrusion attempts

Have a look at snort, Flexible NIDS (Network Intrusion Detection System).
 http://packages.debian.org/snort

> - Have “something” look at syslog and other logs to see if there
> are any “funnies” in the logs (not necessarily to do with security, but say
> a disk getting full etc.)

Have a look at logcheck, Mails anomalies in the system logfiles to the 
administrator.  http://packages.debian.org/logcheck

Mark



