My favorite is SEC - the Simple Event Correlator

http://kodu.neti.ee/~risto/sec/

Enjoy,
Jim B.

________________________________

From: loganalysis-bounces+jbrown=thrupoint.net@private on behalf of Tina Bird
Sent: Thu 9/1/2005 2:04 PM
To: loganalysis@private
Subject: [logs] reporting tool for linux firewall

hi all - had a request from a friend, any ideas?

"I have a linux box. iptables firewall (using shorewall to manage it) and I was looking for some sort of good firewall log analysis package... hopefully something that would sit on the firewall and monitor for specific events, port scans, nefarious looking activity, etc, and send me a notification ala the freebsd "security report" thingamajigger you can configure."

we'll roll our own if we have to, but i figured there might be some prior art.

thanks - tbird

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Fri Sep 02 2005 - 06:09:36 PDT