| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Detecting Intrusions with your Firewall Log and OsHids In this article we are going to talk about one of the basics, but powerful, methods of Intrusion Detection: Firewall's Log analysis. Although a firewall generates a lot of log, being difficult to analyze it, you can use the OsHids tool to monitor your logs (generating an easy to view log in html with an PHP interface) and help you visualize any attempt to bypass your firewall policy.
By Daniel B. Cid, 03/22/2004
|
|
Complete Reference Guide to Creating a Remote Log Server A remote log server is nothing more then a system preconfigured at install-time to provide hard drive space for other systems to log to. This system must be completely secured and locked down. No unencrypted remote access should be allowed, all RPC Daemons and other misc. services should be turned off as well. The only data allowed to the machine should be UDP/Port 514. We will be walking you through a step-by-step process that details how to configure, install, and deploy a remote log server. Utilizing some of the most renowned security experts across the globe for input, I've compiled a comprehensive, and easy to understand guide on ensuring this to be a successful launch.
By Eric Hines, 03/13/2004
|
|
Setting up a Linux Log Server to enhance System Security If a break-in occurs and you want to track the cracker down, the system administrator will first check the log files for evidence of a break-in, so she must be 100% SURE that the log files are valid and haven't been tampered with.
By Chl0ie, 03/13/2004
|
|
Page: 12 3 |
