From owner-freebsd-security  Tue Jun  5  1:24:50 2001
Delivered-To: freebsd-security@freebsd.org
Received: from Exchange2000.com-con.ag (exchange2000.com-con.net [212.6.164.8])
	by hub.freebsd.org (Postfix) with ESMTP id D665537B401
	for <freebsd-security@freebsd.org>; Tue,  5 Jun 2001 01:24:46 -0700 (PDT)
	(envelope-from rh@com-con.net)
Content-Class: urn:content-classes:message
Subject: security log file parser / ids
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 5 Jun 2001 10:24:42 +0100
X-MimeOLE: Produced By Microsoft Exchange V6.0.4417.0
Message-ID: <F54B610C5BFDE546BBA2F6CC595ACC75084958@Exchange2000.com-con.ag>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: security log file parser / ids
Thread-Index: AcDtoVoNIzbBRx6KQpGCdqF8vL9w9w==
From: "Heimes, Rene" <rh@com-con.net>
To: <freebsd-security@freebsd.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

hiho!

i am searching for a parser that parses security logs from ipfw-made up
logs. anyone got a hint?
(btw: what about ipfw firewalls - outdated? what would be better?
ipchains? help!)

other question - whats the (freeware) ids of your choice / "state of the
art" for freeBSD?

great thanks in advance,

ren=E9

****************************************************
"who fights might loose - who does not fight has lost immediately"
Bertolt Brecht (freely adapted ;-)
****************************************************

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message