BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] deadmanish login?

Subject: [Discuss] deadmanish login?
From: richard.pieri at gmail.com (Richard Pieri)
Date: Mon, 30 Jan 2017 23:30:38 -0500
In-reply-to: <20170131014651.GA21915@newtao.randomstring.org>
References: <iydoKFG1q6EvZNl6T2sztfNEyMK3eE7jp_2ZXrcPTgVFK1IPE5deLwZcViB_xDQMcb16enHDIBp9gek18AIxu5VrLtdgSHK6qEOO91dh2nA=@protonmail.com> <20170131014651.GA21915@newtao.randomstring.org>

On 1/30/2017 8:46 PM, Dan Ritter wrote:
> Obvious implementation methods:

If you're kicking off (semi-)unauthorized users and notifying on those
actions then you're doing intrusion detection.

You could use OSSEC but this might be overkill for the specific task.

You could do a clumsy IDS with the Linux user auditing tools (psacct)
and query the auditing information from... I dunnow... maybe a Nagios
plugin or a Splunk query.

-- 
\m/ (--) \m/

References:
- [Discuss] deadmanish login?
  - From: sillystring at protonmail.com (Eric Chadbourne)
- [Discuss] deadmanish login?
  - From: dsr at randomstring.org (Dan Ritter)

Prev by Date: [Discuss] deadmanish login?
Next by Date: [Discuss] deadmanish login?
Previous by thread: [Discuss] deadmanish login?
Next by thread: [Discuss] deadmanish login?
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.