[logs] Re: reporting tool for linux firewall

From: Devdas Bhagat (devdas@private)
Date: Thu Sep 01 2005 - 11:38:27 PDT

On 01/09/05 11:04 -0700, Tina Bird wrote:
> hi all - had a request from a friend, any ideas?
> "I have a linux box.  iptables firewall (using shorewall to manage it) and I
> was looking for some sort of good firewall log analysis package... hopefully
> something that would sit on the firewall and monitor for specific events,
> port scans, nefarious looking activity, etc, and send me a notification ala
> the freebsd "security report" thingamajigger you can configure."
> we'll roll our own if we have to, but i figured there might be some prior
> art.

RedHat has its own log analysis thing. The questioner may also prefer to
install Snort + ACID on the same host.

Devdas Bhagat
LogAnalysis mailing list
