On Sat, 25 Jan 2003 06:16, Leigh Purdie wrote: > G'day Nathan, (All: FYI / Comment) > > Snare (www.intersectalliance.com/projects/Snare/index.html) is designed > to be a C2-style audit capability for Linux, and works on RH7.2 (as well > as 7.1, 7.3, and as of last night, 8.0, plus Suse / Mandrake, and Debian > Woody+). Snare operates as a kernel module (at present), and so no > kernel recompiles are required. There is also a user-space audit daemon, > and a configuration/monitoring GUI available as an open-source/free > download. How does it compare with http://secureaudit.sourceforge.net/ ? How does it interact with SE Linux? Does it even work alongside SE Linux? Does it support logging of SE data (IE security context of the process performing a file access)? -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Jan 25 2003 - 02:10:01 PST