Date: Mon, 19 Feb 2001 11:04:41 +0100 From: Ragnar Beer <rbeer@uni-goettingen.de> To: Brian Reichert <reichert@numachi.com> Subject: Re: Remote logging Message-ID: <p04330102b6b69f70835f@[134.76.136.114]> In-Reply-To: <20010218170753.A85795@numachi.com> References: <20010218170753.A85795@numachi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>Date: Sun, 18 Feb 2001 17:05:07 -0500 >From: Brian Reichert <reichert@numachi.com> >To: Carroll Kong <damascus@home.com> >Subject: Re: Remote logging > snip >- The host(s) generating syslog packets: your log auditing would > involve looking for traffic anomalies. Absence of syslog packets > from any one host is an anomaly. :) That's another thing I'm not familiar with: What are good tools for log auditing? Are there any that do anomaly analysis? Ragnar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p04330102b6b69f70835f>