2008/9/10 Luke Macken <[EMAIL PROTECTED]>:
> Hey all,
>
> A couple of weeks ago I did an initial deployment of an Intrusion
> Detection System in our infrastructure. It utilizes the prelude stack,
> and is currently powered by auditd and prelude-lml events. Audit gives
> us a ridiculous amount of power with regard to monitoring
> everything that happens on a system. Prelude-lml, out of the box
> using its pcre plugin, is able to watch a large variety of service
> logs, including many things we are running (asterisk, mod_security,
> nagios, cacti, PAM, postfix, sendmail, selinux, shadowutils, sshd,
> sudo). Prewikka is the web-based frontend
> (https://admin.fedoraproject.org/prewikka).
>

For the EL-5 systems.. did you need to update audit from what is
provided by RHEL-5.2? It looked like it would be needed when I talked
with Steve Grubb because it required stuff that had not been ported to
EL-5.

I would be interested in helping you test/document this. Where can I start?

-- 
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list