Date: Tue, 5 Jun 2001 09:25:52 -0600 From: jeremy-novak <pr0cy0n@home.com> To: "Heimes, Rene" <rh@com-con.net> Cc: freebsd-security@freebsd.org Subject: Re: security log file parser / ids Message-ID: <20010605092552.A936@c1456354-a.boise1.id.home.com> In-Reply-To: <F54B610C5BFDE546BBA2F6CC595ACC75084958@Exchange2000.com-con.ag>; from rh@com-con.net on Tue, Jun 05, 2001 at 10:24:42AM %2B0100 References: <F54B610C5BFDE546BBA2F6CC595ACC75084958@Exchange2000.com-con.ag>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 05, 2001 at 10:24:42AM +0100, Heimes, Rene wrote: > hiho! > > i am searching for a parser that parses security logs from ipfw-made up > logs. anyone got a hint? > (btw: what about ipfw firewalls - outdated? what would be better? > ipchains? help!) > > other question - whats the (freeware) ids of your choice / "state of the > art" for freeBSD? > > great thanks in advance, > > rené > > **************************************************** > "who fights might loose - who does not fight has lost immediately" > Bertolt Brecht (freely adapted ;-) > **************************************************** Hi I hope this helps some. It is a neat little toy called logcheck that is very configurable. You can get it at http://www.psionic.com Hope that helps out. Jeremy -- ^ ^ email: pr0cy0n@home.com (but you already knew that) [ 0 0 ] ircnick: g0rdi <irc.slashnet.org /#code>,<irc.undernet.org /#freebsd> ' usenet/mail: comp.unix.bsd.freebsd.misc/freebsd-hackers, lots more o root password: just kidding! "You have an account at host.com"? "I wanna be user@host.com; I would get so many 'cool' e-mails". To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010605092552.A936>