Re: security log file parser / ids

From: jeremy-novak (pr0cy0n@home.com)
Date: 06/05/01


Date: Tue, 5 Jun 2001 09:25:52 -0600
From: jeremy-novak <pr0cy0n@home.com>
To: "Heimes, Rene" <rh@com-con.net>

On Tue, Jun 05, 2001 at 10:24:42AM +0100, Heimes, Rene wrote:
> hiho!
>
> i am searching for a parser that parses security logs from ipfw-made up
> logs. anyone got a hint?
> (btw: what about ipfw firewalls - outdated? what would be better?
> ipchains? help!)
>
> other question - what's the (freeware) ids of your choice / "state of the
> art" for FreeBSD?
>
> great thanks in advance,
>
> rené
>
> ****************************************************
> "who fights might lose - who does not fight has lost immediately"
> Bertolt Brecht (freely adapted ;-)
> ****************************************************

  Hi

  I hope this helps some. It is a neat little toy called logcheck that is very
configurable. You can get it at http://www.psionic.com

Hope that helps out.

Jeremy

-- 
        
  ^ ^     email: pr0cy0n@home.com  (but you already knew that)
[ 0 0 ]   ircnick: g0rdi <irc.slashnet.org /#code>,<irc.undernet.org /#freebsd>
   '      usenet/mail: comp.unix.bsd.freebsd.misc/freebsd-hackers, lots more  
   o      root password: just kidding!
"You have an account at host.com"? "I wanna be user@host.com; I would get
 so many 'cool' e-mails".
          
  

