+ Reply to Thread
Results 1 to 5 of 5
  1. June 18th, 2003 03:47 PM #1
    Networker
    Networker is offline
    Senior Member Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of
    Join Date
    Nov 2002
    Posts
    382

    Help - Log event traps

    Hey folks I need ur help on this one!
    I'm looking for a way to trap (SNMP) event from a File-system IDS (or integrity checker) like tripwire, AIDE or chkrootkit.

    by the way I've found the hereby awesome Reference Guide to Creating a Remote Log Server on linuxsecurity.org, but poorly there is no mention of snmp traps.

    thanx
    [shadow] SHARING KNOWLEDGE[/shadow]
    Reply With Quote Reply With Quote
  2. June 18th, 2003 03:49 PM #2
    infosecguru2
    infosecguru2 is offline
    Senior Member infosecguru2 has a spectacular aura about infosecguru2 has a spectacular aura about infosecguru2 has a spectacular aura about
    Join Date
    Feb 2003
    Posts
    109
    what OS are you using on the trapping machine?
    $person!=$kiddie or die(\"Alas, die you hotmail hacker!!\");
    SecureVision
    Reply With Quote Reply With Quote
  3. June 18th, 2003 04:12 PM #3
    Networker
    Networker is offline
    Senior Member Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of Networker has much to be proud of
    Join Date
    Nov 2002
    Posts
    382
    Linux
    [shadow] SHARING KNOWLEDGE[/shadow]
    Reply With Quote Reply With Quote
  4. June 18th, 2003 07:44 PM #4
    The3ntropy
    The3ntropy is offline
    Senior Member The3ntropy The3ntropy The3ntropy The3ntropy The3ntropy The3ntropy The3ntropy The3ntropy The3ntropy The3ntropy The3ntropy
    Join Date
    Mar 2002
    Posts
    442
    Use snort. http://www.snort.org
    You can read all kinds of info there and if not, do a google search for snort and you find it there.
    Reply With Quote Reply With Quote
  5. June 22nd, 2003 06:19 AM #5
    w0rm3y
    w0rm3y is offline
    Senior Member w0rm3y will become famous soon enough
    Join Date
    May 2003
    Posts
    115
    also check out loganalysis.org it's run by tina bird and occasionally contribution from the man himself, mjr

    -w0rm3y
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides