Quoting Tib <[EMAIL PROTECTED]>: > I'm looking for information on packages that will do a nice job of keeping > an eye on my system security-wise. PackageS because I know that no one > packages can do it all. > > Currently all I've got is 'tiger', and while it does a good job it has > issues like failed checksums against installed packages (well that's > strange because I just installed that package and it already failes the > checksum?) and such. Does anyone have any recommendations? >
John the Ripper (weak password detection), logcheck (batch checks on syslogs), PortSentry (IDS w/ some reaction capability), AIDE or Tripwire (file integrity checks), nmap (port scan) or Nessus (vulnerability scans) scans from outside the box, Xlogmaster (real-time checks on syslogs with action, e.g., e-mail your pager), and snort (IDS). HTH, Jeffrey
