Intrusion Detection Systems, Part IV: Logcheck
Source: FreeOS - Posted by Chris Pallack   
The last in this four-part series on IDS looks at Logcheck, a software package designed to automatically run and check system log files for security violations and unusual activity. In the last three articles in this series, we looked at the concept of an Intrusion Detection System (IDS) and its implementation on your network. We discussed some of the top-notch tools, like Tripwire and Snort, that you could use as your Swiss Army knife in detecting intrusions into your network.

Logcheck is a software package that is designed to automatically run and check system log files for security violations and unusual activity. Logcheck uses a program called logtail that remembers the last position it read from in a log file and will use this position on subsequent runs to process new information. All source code is available for review and the implementation has been kept simple to avoid problems.
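
The position-tracking idea described above, as an added Python sketch that is not Logcheck's or logtail's own code. The function names, the "inode offset" state-file format and the keyword list are assumptions made for illustration, and the handling of rotated or truncated logs goes beyond what the article states.

```python
import os
import re
import tempfile

# Constructed keywords for illustration; not Logcheck's shipped pattern files.
SUSPICIOUS = re.compile(r"failed password|authentication failure|refused connect", re.I)

def read_new_lines(log_path, state_path):
    """Return complete lines appended to log_path since the previous call."""
    st = os.stat(log_path)
    inode, offset = 0, 0
    try:
        with open(state_path) as f:
            inode, offset = (int(x) for x in f.read().split())
    except (FileNotFoundError, ValueError):
        pass  # first run or damaged state file: read from the start
    # Rotation (new inode) or truncation (file shrank) invalidates the offset.
    if inode != st.st_ino or offset > st.st_size:
        offset = 0
    with open(log_path, "rb") as f:
        f.seek(offset)
        data = f.read()
    end = data.rfind(b"\n") + 1  # leave a half-written last line for next run
    with open(state_path + ".tmp", "w") as f:
        f.write(f"{st.st_ino} {offset + end}")
    os.replace(state_path + ".tmp", state_path)  # atomic update of saved position
    return data[:end].decode("utf-8", "replace").splitlines()

def flag(lines):
    return [line for line in lines if SUSPICIOUS.search(line)]

def demo():  # three runs over a constructed log: first read, append, truncation
    d = tempfile.mkdtemp()
    log, state = os.path.join(d, "auth.log"), os.path.join(d, "auth.offset")
    with open(log, "w") as f:
        f.write("Jan 10 00:00:01 host sshd[1]: Accepted password for alice\n"
                "Jan 10 00:00:02 host sshd[2]: Failed password for root\n")
    run1 = flag(read_new_lines(log, state))
    with open(log, "a") as f:
        f.write("Jan 10 00:05:00 host sshd[3]: Failed password for bob\n"
                "Jan 10 00:05:01 host su: authentication fail")  # partial line
    run2 = flag(read_new_lines(log, state))
    with open(log, "w") as f:  # truncated in place, as copytruncate rotation does
        f.write("Jan 11 00:00:01 host sshd[9]: refused connect from 192.0.2.7\n")
    run3 = flag(read_new_lines(log, state))
    return run1, run2, run3

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Each run reports only entries written since the previous one, so a scheduled job neither re-alerts on old lines nor skips lines after the log is truncated.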

Read this full article at FreeOS
