From owner-freebsd-questions@FreeBSD.ORG  Fri Mar 18 10:47:20 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 934DA16A4CE
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Mar 2005 10:47:20 +0000 (GMT)
Received: from mail01.oxygen.az (mail01.oxygen.az [212.47.128.37])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1D86F43D3F
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Mar 2005 10:47:19 +0000 (GMT)	(envelope-from tofik@oxygen.az)
Received: from [192.168.1.101] ([212.47.129.8])
  by mail01.oxygen.az with esmtp; Fri, 18 Mar 2005 14:46:43 +0400
Message-ID: <423AB190.9080406@oxygen.az>
Date: Fri, 18 Mar 2005 14:46:40 +0400
From: Tofik Suleymanov <tofik@oxygen.az>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20041016
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: sgnezdov@sergei.homeunix.org
References: <slrnd39e2s.1gru.use-reply-to@sergei.homeunix.org>
	<4557.24.98.86.57.1110773047.squirrel@24.98.86.57>
	<slrnd3fpqq.1k14.use-reply-to@sergei.homeunix.org>
In-Reply-To: <slrnd3fpqq.1k14.use-reply-to@sergei.homeunix.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: freebsd-questions@freebsd.org
Subject: Re: Howto monitor system security
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Mar 2005 10:47:20 -0000

Sergei Gnezdov wrote:

>On 2005-03-14, Jerry Bell <jbell@stelesys.com> wrote:
>  
>
>>There are many tools that will send alerts to you, but very few that will
>>work "out of the box", without some level of tuning.  There is a
>>collection of them here:
>>http://www.syslog.org/Web_Links+index-req-viewlink-cid-4.phtml and here:
>>http://www.syslog.org/Web_Links+index-req-viewlink-cid-19.phtml
>>    
>>
>
>I see lots of log analizer tools.  Which one is a good choice?
>  
>
/usr/ports/security/logcheck works for me fine.

-- 
T.M.Suleymanov
tofik@oxygen.az

............................................
crypto anarchy, encryption, digital money,  
anonymous networks, digital pseudonyms, zero
knowledge, contrculture, information markets, 
black markets, collapse of governments.