On 01/09/05 11:04 -0700, Tina Bird wrote: > hi all - had a request from a friend, any ideas? > > "I have a linux box. iptables firewall (using shorewall to manage it) and I > was looking for some sort of good firewall log analysis package... hopefully > something that would sit on the firewall and monitor for specific events, > port scans, nefarious looking activity, etc, and send me a notification ala > the freebsd "security report" thingamajigger you can configure." > > we'll roll our own if we have to, but i figured there might be some prior > art. > http://logrep.sourceforge.net/ http://www.freshmeat.net/projects/fwanalog/ http://iptablelog.sourceforge.net/ RedHat has its own log analysis thing. The questioner may also prefer to install Snort + ACID on the same host. Devdas Bhagat _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Fri Sep 02 2005 - 05:37:55 PDT