> John the Ripper (weak password detection), Appears to be installed but I'm not actively using it.
> logcheck (batch checks on syslogs), Installed and configured > PortSentry (IDS w/ some reaction capability), Installed and configured > AIDE or Tripwire (file integrity checks), Just installed and now tinkering with it > nmap (port scan) or Nessus> (vulnerability scans) scans from outside the box, nmap installed, helped to block a bunch of ports with iptables > Xlogmaster (real-time checks on syslogs with action, e.g., e-mail your pager), Never heard of it but I'll look into it > and snort (IDS). Would this interfere with portsentry? > HTH, > Jeffrey Indeed :] thanks <EOL> Tib