
ixion at cfl
Mar 21, 2005, 4:40 AM
Post #5 of 5
Hey very nicely done! Quite impressive! :)

> <quote who="Joey McCoy">
>> I personally use Logwatch and pay attention to disk free space, and more
>> importantly ssh/login attempts/failures/successes. I haven't looked too
>> much into adding custom entries in Logwatch, but I think I might look into
>> the GRSecurity logging extensions as well. I would definitely consider
>> paying attention to any externally accessible services being analyzed
>> (apache, mysql, etc). :)
>
> I do more or less the same - but graphs say more than 1000 words - so I
> wrote some little extensions to phpWebSite to actually show me some data
> on what is going on on my systems. Disk-Usage, CPU-Loads,
> Login-Attempts/Failures, Detected Viruses, SMTP-Connections, passed mails,
> detected Spam/Rejected Spam etc. Check it out on my
> webpage: http://www.solsys.org/mod.php?mod=systat&op=disp_ind&host_id=1
>
> Cheers
>
> Joerg
>
>> HTH
>>
>> cheers!
>>
>>> Hi all,
>>>
>>> I just wanted to get your opinions on finding some interesting syslog
>>> entries to capture with swatch or similar log analyser programs. Is
>>> there a common knowledge base on this subject? (discussion list,
>>> forums). I already analyse things like root password changes, switch to
>>> promiscuous mode, etc... What are you guys looking for in your logs?
>>>
>>> Thanks! :)
>>> Emre
>>> --
>>> gentoo-security [at] gentoo mailing list
>
> --
> ------------------------------------------------------------------------
> | Joerg Mertin            : smurphy [at] solsys (Home)|
> | in Forchheim/Germany    : smurphy [at] linux (Alt1)|
> | Stardust's LiNUX System :                                            |
> | Web: http://www.solsys.org                                           |
> ------------------------------------------------------------------------
> PGP Fingerprint: AF0F FB75 997B 025F 4538 5AD6 9888 5D97 170B 8B7A
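The kinds of entries named in this thread (ssh login failures and successes, the switch to promiscuous mode, root password changes), as an added example that is not code from any of the posters: a small Python scanner run over constructed syslog lines. The message formats (OpenSSH, Linux kernel, shadow `passwd`), the alert names and the threshold of 3 failures are assumptions; adjust the patterns to what your own syslog emits.

```python
import re
from collections import Counter

# Constructed sample lines in classic BSD syslog layout (not from a real host).
SAMPLE = """\
Mar 21 04:12:01 box sshd[2211]: Failed password for invalid user admin from 192.0.2.10 port 40122 ssh2
Mar 21 04:12:03 box sshd[2212]: Failed password for root from 192.0.2.10 port 40123 ssh2
Mar 21 04:12:05 box sshd[2213]: Failed password for root from 192.0.2.10 port 40124 ssh2
Mar 21 04:12:09 box sshd[2214]: Accepted password for root from 192.0.2.10 port 40125 ssh2
Mar 21 04:13:00 box sshd[2290]: Accepted publickey for emre from 198.51.100.7 port 51000 ssh2
Mar 21 04:15:42 box kernel: device eth0 entered promiscuous mode
Mar 21 04:20:10 box passwd[2400]: password for 'root' changed by 'root'
Mar 21 04:21:00 box cron[2410]: (root) CMD (run-parts /etc/cron.hourly)
"""

# timestamp, host, program (optional [pid]), message
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) ([\w./-]+)(?:\[\d+\])?: (.*)$")
SSH_FAIL = re.compile(r"^Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")
SSH_OK = re.compile(r"^Accepted (\S+) for (\S+) from (\S+) port \d+")
PROMISC = re.compile(r"^device (\S+) entered promiscuous mode")
PW_CHANGE = re.compile(r"^password for [`']?([\w.-]+)'? changed by")

def scan(text, fail_threshold=3):
    """Return (alerts, failures-per-source) for the watched event types."""
    fails = Counter()
    alerts = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not a syslog line we understand
        ts, host, prog, msg = m.groups()
        if prog == "sshd":
            if (f := SSH_FAIL.match(msg)):
                src = f.group(2)
                fails[src] += 1
                if fails[src] == fail_threshold:  # alert once per source
                    alerts.append((ts, "ssh-bruteforce", src))
            elif (a := SSH_OK.match(msg)) and fails[a.group(3)]:
                # a success from a source that failed earlier deserves a look
                alerts.append((ts, "ssh-login-after-failures", a.group(3)))
        elif prog == "kernel" and (p := PROMISC.match(msg)):
            alerts.append((ts, "promiscuous-mode", p.group(1)))
        elif prog == "passwd" and (c := PW_CHANGE.match(msg)):
            if c.group(1) == "root":
                alerts.append((ts, "root-password-change", c.group(1)))
    return alerts, dict(fails)

if __name__ == "__main__":
    for alert in scan(SAMPLE)[0]:
        print(*alert, sep="  ")
```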