From: Glenn G
Date: Thu, 03 May 2001 09:18:25 -0700
To: security@FreeBSD.org
Subject: Security Monitors
Message-ID: <3AF184D1.267A76D8@geekazoid.com>

Good Morning All!

I have a quick question regarding security monitoring. We have a Linux server that was recently breached (completely my fault btw. Never got around to securing it up very well.)

To my point...FreeBSD has been much more secure in my limited experience than most other OS's out there. I would however like to install more monitoring software on the box so it will alert me if there has been an attack. I have been looking at "mon", "bro", and "logcheck". Can anyone give any recommendations? Experiences? Also, is it worthwhile to install "xinetd"?

Again, any advice would be awesome. Any help is greatly appreciated!!! ;-)

Happy Day,
glenn

PS - I am on the digest list so please be patient for any feedback from me. :-)