From owner-freebsd-questions@FreeBSD.ORG Sat Mar 10 14:48:08 2007 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 18D0116A406 for ; Sat, 10 Mar 2007 14:48:08 +0000 (UTC) (envelope-from raggen@passagen.se) Received: from av6-1-sn3.vrr.skanova.net (av6-1-sn3.vrr.skanova.net [81.228.9.179]) by mx1.freebsd.org (Postfix) with ESMTP id C859B13C467 for ; Sat, 10 Mar 2007 14:48:07 +0000 (UTC) (envelope-from raggen@passagen.se) Received: by av6-1-sn3.vrr.skanova.net (Postfix, from userid 502) id A9B2B37F62; Sat, 10 Mar 2007 15:26:39 +0100 (CET) Received: from smtp3-2-sn3.vrr.skanova.net (smtp3-2-sn3.vrr.skanova.net [81.228.9.102]) by av6-1-sn3.vrr.skanova.net (Postfix) with ESMTP id 7ADFF37EB4; Sat, 10 Mar 2007 15:26:39 +0100 (CET) Received: from [192.168.1.6] (81-231-90-251-no41.tbcn.telia.com [81.231.90.251]) by smtp3-2-sn3.vrr.skanova.net (Postfix) with ESMTP id 2970537E47; Sat, 10 Mar 2007 15:26:39 +0100 (CET) Message-ID: <45F2BFA2.9030705@passagen.se> Date: Sat, 10 Mar 2007 15:24:34 +0100 From: Roger Olofsson User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: David Schulz References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Questions Subject: Re: Advice on IDS & co. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Mar 2007 14:48:08 -0000 Hello David, I've been using chkrootkit and it's fairly simple. Aide is a more free version of Tripwire and you might want to look at Snort. Both are in the ports tree. I suppose you have a firewall like IPFilter or PF already? I've been keeping an eye out for a really slick syslogfile analyzer, I'd be grateful for any tips on something in that direction. Good luck! David Schulz skrev: > Hello all, > > I would like to know what you guys think about chkrootkit, rkhunter and > tripwire. > > I am considering adding them on my Server for some added Security. I am > aware, the holy grail would be to really dive into Jails, and the > macframework, but still i would like to have some opinions on those > mentioned Tools. Also, if you have other neat tricks to add some > security to a Server, do tell. > > Thank you very much and best regards, > David > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > > --No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.446 / Virus Database: 268.18.8/716 - Release Date: > 2007-03-09 18:53 > >