[Q] Intrusion Detection, Log file parsing....

Mon Jan 21 21:37:09 EST 2002

On Mon, Jan 21, 2002 at 08:52:39PM +1100, Donovan J. Edye wrote:
> I would like to accomplish the following:
> -          Detect intrusion attempts

Have a look at snort, Flexible NIDS (Network Intrusion Detection System).

> -          Have “something” look at syslog and other logs to see if there
> are any “funnies” in the logs (not necessarily to do with security, but say
> a disk getting full etc.)

Have a look at logcheck, Mails anomalies in the system logfiles to the 
administrator.  http://packages.debian.org/logcheck


More information about the linux mailing list