DragonFly BSD
DragonFly users List (threaded) for 2010-04
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Working on a security program


From: Saifi Khan <saifi.khan@xxxxxxxxxxxxxxx>
Date: Fri, 2 Apr 2010 10:00:09 +0530 (India Standard Time)

On Tue, 30 Mar 2010, Walter wrote:

> Hi, all.  Despite my lack of response (sorry), I've been
> working on a security program.  Right now it uses auth.log
> to identify failed login attempts via telnet, ftp, and (of
> course) ssh.  I'm planning on "hard coding" this unless
> someone tells me I should look at other log files too.
> 
> I'm working on adding a check if the outside IP address
> changing to be able to reload the firewall if it uses it.
> And I'm thinking it'd be good to check if any of the system
> programs are changed - check the date-time stamp and size.
> These sorts of things can be done on a low rate periodic
> interval.
> 
> This has become somewhat of a compulsion for me of late,
> partly because I think it's a thing that ought to be, and
> because I'm using it to refresh my programming brain.  I
> would appreciate insights.  Thanks.
> 
> Walter
> 

Would setting up 'snort' help ?


--
thanks
Saifi.



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]