Board index Solaris

Security/Management tools???

Security/Management tools???

Post by Philip Hallstro » Wed, 14 Jan 1998 04:00:00



Hi all -
        I've just decided that I want to automate a lot of my daily chores
(monitoring log files/disk space, etc...) and would like some tools to
handle it for me.  I had a couple of adhoc scripts that did some of it,
but there must be some better tools out there (that I wouldn't have to
write :).  I took a quick glance at COPS and Watcher and they look like
they would do the trick.  I've also heard of, but never played with
TripWire.
        Any and all comments, on the above programs or other programs that
do similar things would be greatly appreciated.  I'm primarily interested
in monitoring disk space, logins, various log files, etc...  What would be
really cool is a program that "learned" users login behaviours and would
notify me when the deviate from it (ie. joeuser tends to login b/n 8-5
from these machines, but today he logged in at 3am from this host in
germany, type of thing)

If there's interest I'll summarize any comments I receive.

Thanks!

--
Philip Hallstrom                 Sierra Online Services

 
 
 
Top

1. Shambler - A Firewall trap/tool (security tool)

-----BEGIN PGP SIGNED MESSAGE-----

                  The Shambler Version 1.0b
                    A Firewall Tool/Trap

   The shambler is a small program that is periodicly run on firewalls.  The
shambler uses it's config file to get a list of valid user IDs and then cruises
the process table looking for UIDs that are not explicitly allowed.  If any
user's are found that are not allowed, the event is logged, and all the
offending process are killed. -Zap- Normally Shambler would be run periodically
via cron.  Shambler is written in straight C, so is portable that way, but DOES
depend on the /proc filesystem to do it's thing.

Expect a Solaris version soon.

   This is BETA software, so use at your own risk, and please notify me if you
have any comments or questions.  The production version will be included in a
soon to be announced firewall package called "Wild Weasel", which will be
available for beta soon.

Shambler is Available at ftp://sunsite.unc.edu/pub/Linux/incoming/shambler*
          and should move to /pub/Linux/system/misc ?

Please send comments and questions to:

==================================================================

==================================================================
MAYAN-DATE:"Long count = 12.19.3.7.9; tzolkin = 13 Muluc; haab = 12 Yaxkin"

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMwNau4QRll5MupLRAQGYIwP/YAhB3Y+Iu0pYGZ1M2et/SGc0J9OpQmUT
tRQFwwls+IMVVs2E26rCRqI//B0wYKsF6X1p2g1rBbekBJHEJs0iZ8AF5VaICPdl
Pn5Oodn2Bz8rR37I0/5+1c6kfWIVf0Gh68g0lSlroCFoZJGtRdYQSOVfu0pPY+MQ
uEDONjtHMe0=
=jpRi
-----END PGP SIGNATURE-----

--
This article has been digitally signed by the moderator, using PGP.
http://www.iki.fi/liw/lars-public-key.asc has PGP key for validating signature.

PLEASE remember a short description of the software and the LOCATION.
This group is archived at http://www.iki.fi/liw/linux/cola.html

2. Password problem Suse 7

3. UNIX Project Management tools ?

4. how to get transparent bkgd?

5. Is there a software management tools in Xwin?

6. WindowMaker does not start for root user only ?

7. Network management tool

8. Can't get Linux to use ISP's DNS

9. Large IP Site Management Tool Wanted

10. Project Management Tool on Unix

11. Unix Performance Management tools

12. Information requested on Unix management tools

13. Network Management Tools


All times are UTC
Board index