Re: Intrusion Detection System

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2008/9/10 Luke Macken <lmacken@xxxxxxxxxx>:
> Hey all,
>
> A couple of weeks ago I did an initial deployment of an Intrusion
> Detection System in our infrastructure.  It utilizes the prelude stack,
> and is currently powered by auditd and prelude-lml events.  Audit gives
> us a ridiculous amount of power with regarding to monitoring
> everything that happens on a system.  Prelude-lml, out of the box
> using it's pcre plugin, is able to watch a large variety of service
> logs, including many things we are running (asterisk, mod_security,
> nagios, cacti, PAM, postfix, sendmail, selinux, shadowutils, sshd,
> sudo).  Prewikka is the web-based frontend
> (https://admin.fedoraproject.org/prewikka).
>

for the EL-5 systems.. did you need to update audit from what is
provided by RHEL-5.2? It looked like it would be needed when I talked
with Steve Grubb because it required stuff that had not been ported to
EL-5. I would be interested in helping you test/document this? Where
can I start?


-- 
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux