|
Monitor your system for threats with rsec alerts |
|
|
|
Source: TechRepublic - Posted by Anthony Pell
|
Vincent Danen gives an overview of the monitoring and reporting tool rsec, which can help you keep a close eye on your system’s security without having to pore over log files.
Mandriva has long had their security tool called msec. Love it or hate it, it has been an integral part of all Mandriva Linux versions for years.
While many people liked using it, an equal number hated it because it was difficult to configure, and it did things behind your back. For instance, if you tried to tighten system permissions but did not update the msec security level, it would relax those permissions on its next run without any indication whatsoever.
Granted, it has gotten better in the last few months, but what is most interesting about msec, in my opinion, is the reports. Msec generates daily reports on what is happening on the system: ports that are open, ports that changed state (open or closed), unowned files, world-writable files, files owned by users that shouldn’t own them, checks on suid files, and more. These reports are relatively small and are executed daily, so it is a simple thing to look at quickly in the morning to determine if anything has changed.
Read this full article at TechRepublic
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
