[plug] log file checking

Darren dylnx at westnet.com.au
Sat Feb 1 13:38:23 WST 2003


Thanks for the info ,i came across snort and acid in my travels and will
try these on the server .thanks again 

Darren

On Sat, 2003-02-01 at 01:21, Craig Foster wrote:
> As has been mentioned, logwatch is a good all-round errr log-watching
> thing 
> (funny that :P )
> 
> There's the portsentry / logsentry / hostsentry combinations for hack
> "deflections"
> 
> Or you could get the snort contributed rpms pre-rolled for SME server to
> detect suspicious activity earlier.
> 
> "
> Howto:
> http://www.marari.net/downloads/snort/acid-howto.htm
> 
> RPMS:
> http://www.marari.net/downloads/snort/ari-mitel-acid-1.1-1.noarch.rpm
> http://www.marari.net/downloads/snort/ari-mitel-acid-1.1-1.src.rpm
> 
> Thanks to Abe Loveless for his help.
> 
> Cheers!
> Ari Novikoff
> Marari Network Solutions
> http://www.marari.net"
> 
> 
> Regards,
> 
> Craig Foster
> fostware at iinet.net.au (with SMIME) 
> 




More information about the plug mailing list