Re: scanning

All the ones you provided are host-based. If he wants to monitor his network,
he will need to deploy a Network Intrusion Detection System. Don't stop there;
you should put some form of Host-Based Intrusion Detection on your servers.
Might even want to look into modules/patches to provide better security. These
aren't a fix-all, but it's a start...

Patches:
http://www.grsecurity.net/
http://www.openwall.com/owl

Modules:
http://sourceforge.net/projects/stjude
http://sourceforge.net/projects/stmicheal

NIDS:
http://www.snort.org
http://www.prelude.org

There are others for each category, but just to name a few. Take care.

Cheers, Alberto Gonzalez.

Benjamín Ubach Nieto wrote:

I've read about some:

Courtney ftp://coast.cs.purdue.edu/pub/tools/unix/logutils/courtney/

Scanlogd http://www.openwall.com/scanlogd

PortSentry http://www.psionic.com/abacus/portsentry

And just found a lot more here: http://www.mycert.mimos.my/resource/ids.htm

Which one is better?... Couldn't tell, but if you find out, please tell me
;-)

Hope this helps :-)

--------------------------------------------------------------------------------
Reality is acceptable... if practiced with moderation...

Benjamín Ubach Nieto



--
The secret to success is to start from scratch and keep on scratching.

