Idea for a security program
Bob - BLU
blu at scrunch.net
Fri Dec 29 11:54:34 EST 2006
On 12/27/06 20:51, David Kramer wrote:
> So when I rebuilt my server woth FC6, I decided to throw in a few extra
> security programs. I've been disappointed with some of them (both
> chkrootkit and rkhunter seem to give lots of false positives I can't
> configure out, for instance)
I wrote a wrapper scripts for these. It dumps the output to a file, then compares to the previous night's output. If there is a difference then it emails me. The idea is that you review the output initially, then monitor for changes. The wrapper script also eliminates certain false positives that annoy me.
Secondarily, try samhain [http://www.la-samhna.de/samhain/].
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Discuss
mailing list