chrootkit and rkhunter are also fine for detecting suspicious activity and tracking critical filesystem changes, but adapting them to your environment might take some work.
Allan Streib wrote:
I am guessing that many of us also manage linux systems, is anyone aware of a port or adaptation of security(8) for linux, specifically Ubuntu or Debian distributions? Allan
