[plug] log file checking
Darren
dylnx at westnet.com.au
Sat Feb 1 13:38:23 WST 2003
Thanks for the info ,i came across snort and acid in my travels and will
try these on the server .thanks again
Darren
On Sat, 2003-02-01 at 01:21, Craig Foster wrote:
> As has been mentioned, logwatch is a good all-round errr log-watching
> thing
> (funny that :P )
>
> There's the portsentry / logsentry / hostsentry combinations for hack
> "deflections"
>
> Or you could get the snort contributed rpms pre-rolled for SME server to
> detect suspicious activity earlier.
>
> "
> Howto:
> http://www.marari.net/downloads/snort/acid-howto.htm
>
> RPMS:
> http://www.marari.net/downloads/snort/ari-mitel-acid-1.1-1.noarch.rpm
> http://www.marari.net/downloads/snort/ari-mitel-acid-1.1-1.src.rpm
>
> Thanks to Abe Loveless for his help.
>
> Cheers!
> Ari Novikoff
> Marari Network Solutions
> http://www.marari.net"
>
>
> Regards,
>
> Craig Foster
> fostware at iinet.net.au (with SMIME)
>
More information about the plug
mailing list